2023-05-02 23:55:27 +02:00
{
"id" : "CVE-2023-30943" ,
"sourceIdentifier" : "patrick@puiterwijk.org" ,
"published" : "2023-05-02T20:15:10.943" ,
2023-05-03 14:00:27 +02:00
"lastModified" : "2023-05-03T10:33:50.897" ,
"vulnStatus" : "Awaiting Analysis" ,
2023-05-02 23:55:27 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system."
}
] ,
"metrics" : { } ,
"weaknesses" : [
{
"source" : "patrick@puiterwijk.org" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-73"
}
]
}
] ,
"references" : [
{
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77718" ,
"source" : "patrick@puiterwijk.org"
} ,
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2188605" ,
"source" : "patrick@puiterwijk.org"
} ,
{
"url" : "https://moodle.org/mod/forum/discuss.php?d=446285" ,
"source" : "patrick@puiterwijk.org"
}
]
}
