Description
Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors.
Remediation
References
Related Vulnerabilities
WordPress CVE-2016-5839 Vulnerability (CVE-2016-5839)
Squid Out-of-bounds Read Vulnerability (CVE-2023-49285)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8447)
WordPress Plugin WordPress Button Plugin MaxButtons Cross-Site Scripting (1.26.0)
WordPress Plugin Redirection 'id' Parameter Cross-Site Scripting (2.2.8)