GHSA-M63H-Q4X3-6HWJ Moodle is vulnerable to Improper Input Validation in MoodleQuickForm class

The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly handle a certain array-element syntax, which allows remote attackers to bypass intended form-data filtering via a crafted request...

PT-2012-2878 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.1.x through 2.1.3 Moodle versions 2.2.x through 2.2.0 Description: The issue in lib/formslib.php does not properly handle multiple instances of a form element. This has unspecified impact and remote attack vectors...