Headline
CVE-2023-5550: Official Moodle git projects - moodle.git/search
In a shared hosting environment that has been misconfigured to allow access to other users’ content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
No match.
Moodle official production repository
RSS Atom
Related news
GHSA-5cvx-cwpx-9rjh: Moodle Code Injection vulnerability
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.