virus logo Intrusion Prevention

Moodle.filter_tex_sanitize_formula.Information.Disclosure

description-logoDescription

This indicates an attack attempt to exploit an Information Disclosure vulnerability in Moodle.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to read arbitrary files on the vulnerable host.

affected-products-logoAffected Products

Moodle 4.1 prior to 4.1.16 and earlier unsupported versions
Moodle 4.3 prior to 4.3.10
Moodle 4.4 prior to 4.4.6
Moodle 4.5 prior to 4.5.2

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version available from the website.
https://git.moodle.org/gw?p=moodle.git;a=commit;h=fbae5e1ed5a5e54ad845d7559d4c32bad477161e

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2025-04-14 31.989
Modified
 Default_action:pass:drop
2025-04-02 31.981
New
ID 57587
Created Mar 25, 2025
Updated Apr 11, 2025
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 0.29%
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, MacOS
Affected App PHP_app
Profile Type Information Disclosure