Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-3630)
Description
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.