Lucene search
Veracode Vulnerability DatabaseVERACODE:33068HistoryNov 23, 2021 - 7:39 a.m.
Remote Code Execution (RCE)
2021-11-2307:39:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
34.4%
moodle/moodle is vulnerable to remote code execution. The vulnerability exists due to an insecure direct object reference, allowing an attacker to fetch other users’ calendar action events.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | v3.11.3 | |
| moodle/moodle | le | v3.10.7 | |
| moodle/moodle | le | v3.9.9 | |
| moodle/moodle | le | v3.11.3 | |
| moodle/moodle | le | v3.10.7 | |
| moodle/moodle | le | v3.9.9 |
Related
nvd
nvd
CVE-2021-43560
2021-11-22 16:15:08
cnvd
cnvd
cvelist
cvelist
CVE-2021-43560
2021-11-22 16:00:22
github
github
Moodle Insecure direct object reference (IDOR) in a calendar web service
2022-05-24 19:21:10
prion
prion
Design/Logic Flaw
2021-11-22 16:15:00
osv
osv
BIT-moodle-2021-43560
2024-03-06 11:06:24
Moodle Insecure direct object reference (IDOR) in a calendar web service
2022-05-24 19:21:10
CVE-2021-43560
2021-11-22 16:15:08
cve
cve
CVE-2021-43560
2021-11-22 16:15:08
ubuntucve
ubuntucve
CVE-2021-43560
2021-11-22 00:00:00
nessus
nessus
Moodle 3.9.x < 3.9.11 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.10.x < 3.10.8 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.11.x < 3.11.4 Multiple Vulnerabilities
2023-02-20 00:00:00
openvas
openvas
Moodle < 3.9.11, 3.10.x < 3.10.8, 3.11.x < 3.11.4 Multiple Vulnerabilities
2021-11-23 00:00:00