Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-43425)
Description
A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions.