7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Moodle is a free and open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment.Moodle suffers from an arbitrary file reading vulnerability, which stems from insufficient path checking and can be exploited by attackers to read arbitrary files.
CPE | Name | Operator | Version |
---|---|---|---|
Moodle Moodle >=3.9.0, | lt | 3.9.15 | |
Moodle Moodle >=3.11.0, | lt | 3.11.8 | |
Moodle Moodle >=4.0.0, | lt | 4.0.2 |