Moodle CVE-2017-2641 SQL Injection Vulnerability
Description
PoC was presented of SQL injection by an ordinary registered user on Moodle 3.2 via web interface. Similar scenario could be used in previous versions of Moodle but only by managers/admins and only via web services.
Affected Applications
Moodle