The version of Moodle installed on the remote host is 3.9.x prior to 3.9.15, 3.11.x prior to 3.11.8 or 4.0.x prior to 4.0.2. It is, therefore, affected by multiple vulnerabilities:
A code injection through an omitted execution parameter leading to Remote Code Execution (RCE) for sites running GhostScript versions older than 9.50. (CVE-2022-35649)
An arbitrary file read due to insufficient path checks in the lesson question import, which is available to teachers, managers and admins by default. (CVE-2022-35650)
Stored Cross-Site Scripting (XSS) and blind Server-Side Request Forgery (SSRF) vulnerabilities due to insufficient sanitizing of SCORM track details. (CVE-2022-35651)
An open redirect vulnerability due to the lack of sanitization in the mobile auto-login URL. (CVE-2022-35652)
A Cross-Site Scripting (XSS) vulnerability in the LTI module that is only exploitable by unauthenticated users. (CVE-2022-35653)
Note that the scanner has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.
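The check above is a pure version comparison. As an added example (not part of the scanner plugin or of Moodle), the following Python reproduces that logic against the three affected branches named in this advisory, parsing a Moodle release string of the form `'3.11.7+ (Build: 20220624)'`. The release-string format and the handling of the trailing `+` (a weekly build after the named point release) are assumptions; branches the advisory does not mention (3.10.x, 4.1.x) are reported as out of scope rather than as fixed, because this advisory says nothing about them.

```python
import re

# First fixed release per affected branch, as stated in the advisory
# (3.9.15, 3.11.8 and 4.0.2). Any other branch is outside this check's scope.
FIXED = {
    (3, 9): (3, 9, 15),
    (3, 11): (3, 11, 8),
    (4, 0): (4, 0, 2),
}

# Assumed Moodle $release format: "MAJOR.MINOR[.PATCH][+] (Build: YYYYMMDD)".
# The patch component is absent on the first release of a branch (e.g. "4.0").
_RELEASE_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?(\+)?")


def parse_release(release):
    """Return (major, minor, patch, is_weekly_build) from a Moodle release string.

    A missing patch number is treated as .0; a trailing '+' marks a weekly
    build cut after the named point release.
    """
    m = _RELEASE_RE.match(release)
    if not m:
        raise ValueError(f"unrecognised Moodle release string: {release!r}")
    major, minor, patch, plus = m.groups()
    return int(major), int(minor), int(patch or 0), plus is not None


def assess(release):
    """Classify a self-reported release against the advisory's ranges.

    Returns one of:
      "affected"             below the fixed release on an affected branch
      "fixed"                at or above the fixed release
      "weekly-build-verify"  a '+' build of a vulnerable point release; the
                             version string alone cannot prove which fixes
                             that build carries, so confirm by other means
      "out-of-scope"         branch not covered by this advisory
    """
    major, minor, patch, weekly = parse_release(release)
    fixed = FIXED.get((major, minor))
    if fixed is None:
        return "out-of-scope"
    if (major, minor, patch) >= fixed:
        return "fixed"
    if weekly:
        return "weekly-build-verify"
    return "affected"


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real scan.
    for rel in ("3.9.14 (Build: 20220510)", "3.9.15", "3.11.7+ (Build: 20220624)",
                "3.11.8+ (Build: 20220722)", "4.0", "4.0.2", "3.10.11"):
        print(f"{rel!r:32} -> {assess(rel)}")
```

Like the scanner, this never confirms exploitability; a site that pins the release string or runs a patched weekly build will be misclassified, which is exactly why the advisory calls out the version-only basis of the finding.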
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35649
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35650
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35651
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35652
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35653
moodle.org/mod/forum/discuss.php?d=436456#p1756382
moodle.org/mod/forum/discuss.php?d=436457#p1756385
moodle.org/mod/forum/discuss.php?d=436458#p1756386
moodle.org/mod/forum/discuss.php?d=436459#p1756387
moodle.org/mod/forum/discuss.php?d=436460#p1756388