vulnerability
Moodle: Improper Encoding or Escaping of Output (CVE-2021-40694)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:M/C:C/I:N/A:N) | Sep 29, 2022 | Oct 5, 2022 | Feb 15, 2026 |
Severity
6
CVSS
(AV:N/AC:L/Au:M/C:C/I:N/A:N)
Published
Sep 29, 2022
Added
Oct 5, 2022
Modified
Feb 15, 2026
Description
Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account.
Solutions
moodle-upgrade-3_10_7moodle-upgrade-3_11_3moodle-upgrade-3_9_10
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.