Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Externally Controlled Reference to a Resource in Another Sphere Vulnerability - CVE-2023-30943 - Vulnerability Database
Moodle

Moodle Externally Controlled Reference to a Resource in Another Sphere Vulnerability - CVE-2023-30943

Medium
Reference: CVE-2023-30943
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-30943
Title: Moodle Externally Controlled Reference to a Resource in Another Sphere Vulnerability
Overview:

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system.