CVE-2017-2641by Jeremyin Security Bulletinson Posted on March 28, 2017 In Moodle 2.x and 3.x, SQL injection can occur via user preferences.