Description

An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection.

Remediation

References

CVE-2018-1133

Related Vulnerabilities

WordPress Plugin PDF & Print Button Joliprint Multiple Cross-Site Scripting Vulnerabilities (1.3.0)

WordPress Plugin Site Import Remote File Inclusion (1.0.1)

WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.4)

WordPress Plugin Responsive Poll Cross-Site Scripting (1.5.8)

WordPress Plugin WPeMatico RSS Feed Fetcher Cross-Site Scripting (2.3.7)

Severity

High

Classification

CVE-2018-1133 CWE-94 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities