Remote Code Execution Vulnerability in Moodle 3.x via Calculated Question Eval Injection

Remote Code Execution Vulnerability in Moodle 3.x via Calculated Question Eval Injection

CVE-2018-1133 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection.

Learn more about our Cis Benchmark Audit For Server Software.