Lucene search
FedoraCVELIST:CVE-2023-28334HistoryMar 23, 2023 - 12:00 a.m.
CVE-2023-28334 Moodle: users' name enumeration possible via idor on learning plans page
2023-03-2300:00:00
CWE-200
fedora
www.cve.org
8
cve-2023-28334
moodle
idor
learning plans
user enumeration
vulnerability
Authenticated users were able to enumerate other users’ names via the learning plans page.
CNA Affected
[
{
"versions": [
{
"status": "affected",
"version": "4.1.0",
"lessThan": "4.1.2",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.0.0",
"lessThan": "4.0.7",
"versionType": "semver"
}
],
"packageName": "moodle",
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected"
}
]Related
veracode
veracode
Information Disclosure
2023-03-29 04:45:25
osv
osv
CVE-2023-28334
2023-03-23 21:15:20
BIT-moodle-2023-28334
2024-03-06 11:00:05
vulnrichment
vulnrichment
prion
prion
Code injection
2023-03-23 21:15:00
nvd
nvd
CVE-2023-28334
2023-03-23 21:15:20
ubuntucve
ubuntucve
CVE-2023-28334
2023-03-23 00:00:00
github
github
openvas
openvas
Moodle 4.0 < 4.0.7, 4.1 < 4.1.2 IDOR Vulnerability
2023-03-24 00:00:00
cve
cve
CVE-2023-28334
2023-03-23 21:15:20