In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.
{ "nvd_published_at": "2017-01-20T08:59:00Z", "cwe_ids": [ "CWE-74" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-07-28T22:10:13Z" }