Arbitrary Program Execution Vulnerability in Moodle 2.5.2

Arbitrary Program Execution Vulnerability in Moodle 2.5.2

CVE-2013-3630 · MEDIUM Severity

AV:N/AC:H/AU:S/C:P/I:P/A:P

Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.

Learn more about our Web Application Penetration Testing UK.