vulnerability
Moodle: Improper Encoding or Escaping of Output (CVE-2021-40694)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:M/C:C/I:N/A:N) | Sep 29, 2022 | Oct 5, 2022 | Jan 28, 2025 |
Severity
6
CVSS
(AV:N/AC:L/Au:M/C:C/I:N/A:N)
Published
Sep 29, 2022
Added
Oct 5, 2022
Modified
Jan 28, 2025
Description
Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account.
Solutions
moodle-upgrade-3_10_7moodle-upgrade-3_11_3moodle-upgrade-3_9_10
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.