EPSS
Percentile
42.2%
Moodle is vulnerable to SQL injection. Authenticated users can execute SQL commands through a calendar event. This is due to the library not validating the user input before executing the SQL command.
git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_19_STABLE&st=commit&s=MDL-31746
openwall.com/lists/oss-security/2012/05/23/2