CVE-2021-40694

Summary

Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account.

Affected Software

VendorProductVersion RangeStatus
n/amoodle3.11 to 3.11.2, 3.10 to 3.10.6, 3.9 to 3.9.9 and earlier unsupported versionsaffected

Weaknesses

  • arbitrary file read

ADP Enrichment

CVE Program Container

Additional References

References