I need to address this vulnerability in our MOODLE instance:
File Upload Capability allows a Web user to send a file from his or her computer to the Web server. If the Web application that receives the file does not carefully examine it for malicious content, an attacker may be able to use file uploads to execute arbitrary commands on the server. Arbitrary command execution may allow an attacker access to the server with the permissions of the Web server or script engine user. Additionally, it may be possible to upload viruses or other malware. Vulnerable
This findings came from our IT department when they did a security scan.
How do I address this type of vulnerability?