Description
iplookup/index.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote attackers to cause a denial of service (resource consumption) by triggering the calculation of an estimated latitude and longitude for an IP address.
Remediation
References
Related Vulnerabilities
SugarCRM Missing Authorization Vulnerability (CVE-2020-7472)
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-12458)
Drupal Core 9.2.x Directory Traversal (9.2.0 - 9.2.1)
Sqlite Other Vulnerability (CVE-2019-20218)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-5394)