Lucene search

K

Veracode Vulnerability DatabaseVERACODE:37345

HistorySep 30, 2022 - 3:44 a.m.

Information Disclosure

2022-09-3003:44:46

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6

0.001 Low

EPSS

Percentile

22.7%

moodle/moodle is vulnerable to information disclosure.The vulnerability exits in action_redir.php due to improper access control which allows an attacker to gain access to information in the file system via insufficient capability checks.

CPENameOperatorVersion
moodle/moodlelev3.11.2
moodle/moodlelev3.9.9
moodle/moodlelev3.10.6
moodle/moodlelev3.11.2
moodle/moodlelev3.9.9
moodle/moodlelev3.10.6

References

bugzilla.redhat.com/show_bug.cgi?id=2043414

github.com/advisories/GHSA-wr6q-xv23-rfq9

github.com/moodle/moodle/commit/1dfb62cbabe31031453c47ae0a1753f1a57ee695

github.com/moodle/moodle/commit/a937101b0680340276ff50cbc40910dccfc806ab

github.com/moodle/moodle/commit/e09e5f427b8c5713c0b06ded2f7122c112a35f82

github.com/moodle/moodle/commit/ec4c5a0e352facc49e2c70d56a6a814af4ab28f6

0.001 Low

EPSS

Percentile

22.7%

Related for VERACODE:37345

github1 cve1 prion1 osv3 nvd1 ubuntucve1 cvelist1 nessus3 openvas1