CVE-2021-21809: Incorrect Permission Assignment for Critical Resource
(updated )
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
References
Detect and mitigate CVE-2021-21809 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →