Moodle is vulnerable to denial of service (DoS) attacks. A malicious user can use the advanced-search feature on a database to cause a algorithmic complexity attack, leading to the service being unavailable.
git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-32126
openwall.com/lists/oss-security/2012/07/17/1
secunia.com/advisories/49890
www.securityfocus.com/bid/54481
exchange.xforce.ibmcloud.com/vulnerabilities/76964
git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-32126