Moodle CVE-2018-10891 Remote Code Injection Vulnerability
BID:104739
CVE-2018-10891 |Info
Moodle CVE-2018-10891 Remote Code Injection Vulnerability
| Bugtraq ID: | 104739 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-10891 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 11 2018 12:00AM |
| Updated: | Jul 11 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Moodle Moodle 3.4.3 Moodle Moodle 3.4.2 Moodle Moodle 3.3.6 Moodle Moodle 3.3.5 Moodle Moodle 3.3.4 Moodle Moodle 3.3.3 Moodle Moodle 3.3.1 Moodle Moodle 3.1.12 Moodle Moodle 3.1.11 Moodle Moodle 3.1.10 Moodle Moodle 3.1.9 Moodle Moodle 3.1.7 Moodle Moodle 3.1.4 Moodle Moodle 3.1.3 Moodle Moodle 3.1.2 Moodle Moodle 3.1.1 Moodle Moodle 3.5 Moodle Moodle 3.4.1 Moodle Moodle 3.3.2 Moodle Moodle 3.1.8 Moodle Moodle 3.1.6 Moodle Moodle 3.1.5 |
| Not Vulnerable: |
Moodle Moodle 3.5.1 Moodle Moodle 3.4.4 Moodle Moodle 3.3.7 Moodle Moodle 3.1.13 |
Discussion
Moodle CVE-2018-10891 Remote Code Injection Vulnerability
Moodle is prone to a vulnerability that lets attackers inject and execute arbitrary code.
Successful exploits may allow an attacker to inject and run arbitrary code in the context of the user.
Versions prior to Moodle 3.5.1, 3.4.4, 3.3.7, and 3.1.13 are vulnerable.
Moodle is prone to a vulnerability that lets attackers inject and execute arbitrary code.
Successful exploits may allow an attacker to inject and run arbitrary code in the context of the user.
Versions prior to Moodle 3.5.1, 3.4.4, 3.3.7, and 3.1.13 are vulnerable.