Common Vulnerabilities and Exposures assigned an identifier CVE-2013-3630 to the following vulnerability: Name: CVE-2013-3630 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3630 [Open">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3630">Open URL] Assigned: 20130521 Reference: https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one [Open">https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one">Open URL] Reference: https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats [Open">https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats">Open URL] Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
Created moodle tracking bugs for this issue: Affects: fedora-all [bug 1025655] Affects: epel-all [bug 1025656]