The SQL injection flaw in the open-source educational platform Moodle could enable an attacker to access sensitive information on any database server.
An attacker can also penetrate the system as a teacher and insert a malicious SQL query while creating custom badges.
This vulnerability can also be used to store XSS attacks.
"id": "MOO3359322",
"linkid": "moodle",
"type": "Vulnerability",
"date": "03/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"