Ubuntu Security Notice USN-791-2 – Christian Eibl discovered that the TeX filter in Moodle allowed any function to be used. An authenticated remote attacker could post a specially crafted TeX formula to execute arbitrary TeX functions, potentially reading any file accessible to the web server user, leading to a loss of privacy.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/78633/USN-791-2.txt
Source: https://packetstormsecurity.com/files/78633/Ubuntu-Security-Notice-791-2.html