CVE 7.2 HIGH

Moodle: moodle: improper input sanitization in tex filter administration setting_CVE-2026-26046

February 21, 2026 invoker category_cve
7.2 / 10
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server.

Basic Information

ID CVE-2026-26046
Source fedora
Published Feb 21, 2026 at 05:40

Affected Product

Version 5.1.0
Affected Versions 0
5.0.0
5.1.0

CWE Classification

CWE-78

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.