Description
A denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.
Remediation
References
Related Vulnerabilities
WordPress Plugin Export Users to CSV Unspecified Vulnerability (1.3)
WordPress Plugin ZX_CSV Upload Multiple Vulnerabilities (1)
Oracle Database Server CVE-2023-22034 Vulnerability (CVE-2023-22034)
Joomla! Core 3.7.0 SQL Injection (3.7.0)
WordPress Plugin WP Prayer Cross-Site Request Forgery (1.5.4)