[MEDIUM] Moodle allows attackers to extract archives to arbitrary directories

PKSA-r8s2-5mc3-pv6n CVE-2015-2267 GHSA-cm4r-58pj-h2ph

Affected package: moodle/moodle

Affected version: >=2.8.0,<2.8.4|>=2.7.0,<2.7.6|<2.6.9

Reported by:
GitHub