Main Vulnerability Database Vulnerabilities #VU82193

#VU82193 Acceptance of Extraneous Untrusted Data With Trusted Data in Moodle - CVE-2023-5548

Published: October 18, 2023

Vulnerability identifier: #VU82193

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2023-5548

CWE-ID: CWE-349

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Moodle

Software vendor:
moodle.org

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to acceptance of extraneous untrusted data with trusted data within file serving endpoints revision control.

Install updates from vendor's website.