Lucene search
Veracode Vulnerability DatabaseVERACODE:39961HistoryMar 27, 2023 - 4:23 p.m.
Information Disclosure
2023-03-2716:23:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
moodle
vulnerability
information disclosure
user roles
EPSS
0.001
Percentile
35.2%
moodle/moodle is vulnerable to Information Disclosure. The vulnerability exists in the report_participation_print_filter_form function in locallib.php which allows a user to view user roles they aren’t allowed to view, resulting in information disclosure.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75517
github.com/advisories/GHSA-vj5p-fp42-774p
github.com/moodle/moodle/commit/f0a557bffbdb450648d0e4cedb391d14d8a0a253
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/
lists.fedoraproject.org/archives/list/[email protected]/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/
moodle.org/mod/forum/discuss.php?d=445069
Related
github
github
Moodle may display roles to users who don't have access to them
2023-03-23 21:30:19
cvelist
cvelist
prion
prion
Design/Logic Flaw
2023-03-23 21:15:00
osv
osv
BIT-moodle-2023-1402
2024-03-06 11:01:34
Moodle may display roles to users who don't have access to them
2023-03-23 21:30:19
CVE-2023-1402
2023-03-23 21:15:19
cve
cve
CVE-2023-1402
2023-03-23 21:15:19
ubuntucve
ubuntucve
CVE-2023-1402
2023-03-23 00:00:00
nvd
nvd
CVE-2023-1402
2023-03-23 21:15:19
vulnrichment
vulnrichment
nessus
nessus
Fedora 36 : moodle (2023-d9c13996b2)
2023-03-30 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: moodle-3.11.13-1.fc36
2023-03-30 01:16:28
openvas
openvas
Fedora: Security Advisory for moodle (FEDORA-2023-d9c13996b2)
2023-03-31 00:00:00