Description
A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.
Remediation
References
Related Vulnerabilities
b2evolution Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-7352)
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.4)
Joomla! Core Privilege Escalation (1.6.0 - 3.6.4)
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.24)
WordPress Plugin WordPress Backup to Ziddu Cross-Site Scripting (1)