EPSS
Percentile
37.0%
moodle/moodle is vulnerable to SQL Injection attacks. The library does not properly sanitize the keepalive_server function in the auth.php file allowing a malicious user to inject and execute malicious XML-RPC requests via the MNet peer.
keepalive_server
auth.php
github.com/moodle/moodle/commit/9f4404e80d26607d53e23a666f5a22b29b471fe7
moodle.org/mod/forum/discuss.php?d=422308