Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2021-20187 - Vulnerability Database
Moodle

Moodle Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2021-20187

High
Reference: CVE-2021-20187
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-20187
Title: Moodle Improper Control of Generation of Code (Code Injection) Vulnerability
Overview:

It was found in Moodle before version 3.10.1 3.9.4 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.