Description

A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.

Remediation

References

CVE-2023-35132

Related Vulnerabilities

MySQL CVE-2019-2811 Vulnerability (CVE-2019-2811)

EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14350)

WebLogic CVE-2021-2376 Vulnerability (CVE-2021-2376)

Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5592)

WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.24)

Severity

Medium

Classification

CVE-2023-35132 CWE-138 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Tags

Missing Update Known Vulnerabilities