CVE-2016-5013

MEDIUM

Moodle < 2.7.14 - Injection

Title source: rule

Description

In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.

References (2)

Scores

CVSS v3 5.4
EPSS 0.0036
EPSS Percentile 58.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Classification

CWE
CWE-74
Status published

Affected Products (29)

moodle/moodle < 2.7.14
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
... and 14 more

Timeline

Published Jan 20, 2017
Tracked Since Feb 18, 2026