Lucene search
GitHub Advisory DatabaseGHSA-GP4W-F57R-9RX3HistorySep 30, 2022 - 12:00 a.m.
Moodle Exposure of Sensitive Information to an Unauthorized Actor
2022-09-3000:00:29
CWE-200
GitHub Advisory Database
github.com
3
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
22.7%
It was possible for a student to view their quiz grade before it had been released, using a quiz web service.
Affected configurations
Node
moodlemoodleRange<3.9.10
ORmoodlemoodleRange<3.10.7
ORmoodlemoodleRange<3.11.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | lt | 3.9.10 | |
| moodle/moodle | lt | 3.10.7 | |
| moodle/moodle | lt | 3.11.3 |
Related
osv
osv
CVE-2021-40695
2022-09-29 03:15:14
BIT-moodle-2021-40695
2024-03-06 11:06:59
Moodle Exposure of Sensitive Information to an Unauthorized Actor
2022-09-30 00:00:29
cve
cve
CVE-2021-40695
2022-09-29 03:15:14
veracode
veracode
Information Disclosure
2022-09-30 08:24:31
ubuntucve
ubuntucve
CVE-2021-40695
2022-09-29 00:00:00
prion
prion
Code injection
2022-09-29 03:15:00
cvelist
cvelist
CVE-2021-40695
2022-01-21 18:17:48
nvd
nvd
CVE-2021-40695
2022-09-29 03:15:14
nessus
nessus
Moodle 3.9.x < 3.9.10 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.10.x < 3.10.7 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.11.x < 3.11.3 Multiple Vulnerabilities
2023-02-20 00:00:00
openvas
openvas
Moodle Session Hijack Vulnerability (MSA-21-0032)
2023-08-16 00:00:00
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
22.7%
Related for GHSA-GP4W-F57R-9RX3