Moodle Input Validation Error Vulnerability (CNVD-2020-46494)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. An input validation error vulnerability exists in Moodle, which stems from yuicombo failing to properly validate user input. A remote...

CVE-2012-4403

theme/yuicombo.php in Moodle 2.3.x before 2.3.2 does not properly construct error responses for the drag-and-drop script, which allows remote attackers to obtain the installation path by sending a request for a nonexistent resource and then reading the response...