发布于3月6日3月6日 Members Moodle: Unspecified Security Vulnerability (CVE-2023-28330) Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 03/23/2023 Created 03/29/2023 Added 03/29/2023 Modified 01/28/2025 Description Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default. Solution(s) moodle-upgrade-3_11_13 moodle-upgrade-3_9_20 moodle-upgrade-4_0_7 References https://attackerkb.com/topics/cve-2023-28330 CVE - 2023-28330 https://bugzilla.redhat.com/show_bug.cgi?id=2179412 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/ https://moodle.org/mod/forum/discuss.php?d=445062
