|Category:||Web application abuses|
|Title:||Moodle < 3.5.12, 3.6.x < 3.6.10, 3.7.x < 3.7.6, 3.8.x < 3.8.3 RCE Vulnerability|
|Summary:||Moodle is prone to a remote code execution (RCE) vulnerability.|
Moodle is prone to a remote code execution (RCE) vulnerability.
It is possible to create a SCORM package in such a way
that when added to a course, it could be interacted with via web services
in order to achieve remote code execution.
Successful exploitation would allow an authenticated attacker to
execute arbitrary code on the target machine.
Moodle through version 3.5.11, versions 3.6.0 through 3.6.9,
3.7.0 through 3.7.5 and 3.8.0 through 3.8.2.
Update to version 3.5.12, 3.6.10, 3.7.6 or 3.8.3 respectively.
Common Vulnerability Exposure (CVE) ID: CVE-2020-10738|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.