CVE-2017-2641

NameCVE-2017-2641
DescriptionIn Moodle 2.x and 3.x, SQL injection can occur via user preferences.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severityhigh (attack range: remote)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
moodlesource(unstable)2.7.19+dfsg-1high

Notes

https://tracker.moodle.org/browse/MDL-58010
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-58010

Search for package or bug name: Reporting problems