CVE-2023-35132 Moodle: minor sql injection risk on mnet sso access control page

🗓️ 22 Jun 2023 00:00:00Reported by fedoraType

Moodle Mnet SSO page has SQL injection ris

Reporter	Title	Published	Views	Family All 69
ATTACKERKB	CVE-2023-35132	22 Jun 202321:15	–	attackerkb
CNNVD	Moodle SQL注入漏洞	19 Jun 202300:00	–	cnnvd
CVE	CVE-2023-35132	22 Jun 202300:00	–	cve
EUVD	EUVD-2023-1683	3 Oct 202520:07	–	euvd
Fedora	[SECURITY] Fedora 37 Update: moodle-4.1.4-1.fc37	30 Jun 202301:35	–	fedora
Fedora	[SECURITY] Fedora 38 Update: moodle-4.1.4-1.fc38	30 Jun 202301:22	–	fedora
Tenable Nessus	Fedora 38 : moodle (2023-3ca351353f)	30 Jun 202300:00	–	nessus
Tenable Nessus	Fedora 37 : moodle (2023-ce24b63b36)	30 Jun 202300:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2023-35132	5 Sep 202500:00	–	nessus
Tenable Nessus	Moodle 4.1.x < 4.1.4 Multiple Vulnerabilities	10 Apr 202500:00	–	nessus

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "4.2.0",
        "lessThan": "4.2.1",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.1.0",
        "lessThan": "4.1.4",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.0.0",
        "lessThan": "4.0.9",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "3.11.0",
        "lessThan": "3.11.15",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThan": "3.9.22",
        "versionType": "semver"
      }
    ],
    "packageName": "moodle",
    "collectionURL": "https://git.moodle.org",
    "defaultStatus": "unaffected"
  }
]

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/
moodle	www.moodle.org/mod/forum/discuss.php
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/

19 Apr 2024 13:40Current

7High risk

Vulners AI Score7

CVSS 3.16.3

EPSS0.00802

CWE-89