CVE-2024-43425

Summary

A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions.

Affected Software

VendorProductVersion RangeStatus
0 < 4.1.12affected
4.2 < 4.2.9affected
4.3 < 4.3.6affected
4.4 < 4.4.2affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References