EPSS
Percentile
75.8%
Moodle is vulnerable to SQL Injection attacks. A malicious user can inject and execute arbitrary SQL queries through the badges/preferences.php when updating preferences.
badges/preferences.php
moodle.org/mod/forum/discuss.php?d=349419