An issue exists in Moodle 3.x. By substituting URLs in portfolios, users can instantiate any class. This can also be exploited by users who are logged in as guests to create a DDoS attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle |