SQL Injection Vulnerability in Moodle's External Wiki Method

SQL Injection Vulnerability in Moodle's External Wiki Method

CVE-2023-30944 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.