MSA-20-0004: Admin PHP unit webrunner tool requires additional input escaping
|
Información sobre el sistema
|
|
|
Software afectado |
PHP |
Descripción
|
von Michael Hawkins. Insufficient input escaping was applied to the PHP unit webrunner admin tool.NOTE: It is important to note that this update is only flagged as a precautionary measure, as it may provide limited CLI access to Moodle site admins. This may be considered a security risk in circumstances where admins do not ordinarily have access to the server CLI and/or in some hosting situations where site admins are not considered trusted users. This tool will also be removed entirely from
More info:
https://moodle.org/mod/forum/discuss.php?d=398352&parent=1606856 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2020-1756. |