CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
EPSS
Percentile
58.7%
Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) tex
filters, allows remote authenticated users to write LaTeX or MimeTeX output
files to the top level of the dataroot directory via (a)
filter/algebra/pix.php or (b) filter/tex/pix.php.