CVE-2023-1402 Moodle: course participation report shows roles the user should not see

🗓️ 23 Mar 2023 00:00:00Reported by fedoraType

Moodle course participation report security fi

Reporter	Title	Published	Views	Family All 57
ATTACKERKB	CVE-2023-1402	23 Mar 202321:15	–	attackerkb
CNNVD	Moodle 安全漏洞	21 Mar 202300:00	–	cnnvd
CVE	CVE-2023-1402	23 Mar 202300:00	–	cve
Fedora	[SECURITY] Fedora 36 Update: moodle-3.11.13-1.fc36	30 Mar 202301:16	–	fedora
Tenable Nessus	Fedora 36 : moodle (2023-d9c13996b2)	30 Mar 202300:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2023-1402	3 Sep 202500:00	–	nessus
Tenable Nessus	Moodle 4.1.x < 4.1.2 Multiple Vulnerabilities	10 Apr 202500:00	–	nessus
Tenable Nessus	Moodle 4.0.x < 4.0.7 Multiple Vulnerabilities	10 Apr 202500:00	–	nessus
Tenable Nessus	Moodle 3.11.x < 3.11.13 Multiple Vulnerabilities	10 Apr 202500:00	–	nessus
Tenable Nessus	Moodle < 3.9.20 Multiple Vulnerabilities	10 Apr 202500:00	–	nessus

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "4.1.0",
        "lessThan": "4.1.2",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.0.0",
        "lessThan": "4.0.7",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "3.11.0",
        "lessThan": "3.11.13",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThan": "3.9.20",
        "versionType": "semver"
      }
    ],
    "packageName": "moodle",
    "collectionURL": "https://git.moodle.org",
    "defaultStatus": "unaffected"
  }
]

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/
moodle	www.moodle.org/mod/forum/discuss.php

19 Apr 2024 13:34Current

5.2Medium risk

Vulners AI Score5.2

EPSS0.00508

CWE-200