classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37283
openwall.com/lists/oss-security/2013/01/21/1
github.com/moodle/moodle
github.com/moodle/moodle/commit/6fac8f7f04c9fe7f8bbb54a9c00ec5f9ea4f09e0
github.com/moodle/moodle/commit/9803d8fc3ce08c8f8b88ad3a95d9a7c97678a3e3
github.com/moodle/moodle/commit/a3243760c243ddad76e91840134009c3681cb16a
github.com/moodle/moodle/commit/f938b1a89b8f381129120a37915d1b345333b3fb
github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974
moodle.org/mod/forum/discuss.php?d=220157
nvd.nist.gov/vuln/detail/CVE-2012-6112
web.archive.org/web/20121015010345/www.tinymce.com/develop/changelog/?type=phpspell
web.archive.org/web/20121129021911/www.tinymce.com/forum/viewtopic.php?id=30036