Lucene search
FedoraVULNRICHMENT:CVE-2023-28329HistoryMar 23, 2023 - 12:00 a.m.
CVE-2023-28329 Moodle: authenticated sql injection via availability check
2023-03-2300:00:00
CWE-89
fedora
github.com
1
cve-2023-28329
moodle
sql injection
profile field
availability check
authentication
teachers
managers
Insufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers).
CNA Affected
[
{
"versions": [
{
"status": "affected",
"version": "4.1.0",
"lessThan": "4.1.2",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.0.0",
"lessThan": "4.0.7",
"versionType": "semver"
},
{
"status": "affected",
"version": "3.11.0",
"lessThan": "3.11.13",
"versionType": "semver"
},
{
"status": "affected",
"version": "0",
"lessThan": "3.9.20",
"versionType": "semver"
}
],
"packageName": "moodle",
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected"
}
]Related
osv
osv
BIT-moodle-2023-28329
2024-03-06 11:00:53
Moodle SQL Injection vulnerability
2023-03-23 21:30:18
CVE-2023-28329
2023-03-23 21:15:19
prion
prion
Sql injection
2023-03-23 21:15:00
github
github
Moodle SQL Injection vulnerability
2023-03-23 21:30:18
veracode
veracode
SQL Injection
2023-03-27 05:17:44
nvd
nvd
CVE-2023-28329
2023-03-23 21:15:19
ubuntucve
ubuntucve
CVE-2023-28329
2023-03-23 00:00:00
cvelist
cvelist
CVE-2023-28329 Moodle: authenticated sql injection via availability check
2023-03-23 00:00:00
cve
cve
CVE-2023-28329
2023-03-23 21:15:19
openvas
openvas
Moodle 3.9 < 3.9.20, 3.11 < 3.11.13, 4.0 < 4.0.7, 4.1 < 4.1.2 Multiple Vulnerabilities
2023-03-24 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2023-d9c13996b2)
2023-03-31 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: moodle-3.11.13-1.fc36
2023-03-30 01:16:28
nessus
nessus
Fedora 36 : moodle (2023-d9c13996b2)
2023-03-30 00:00:00
7.7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
54.3%
Related for VULNRICHMENT:CVE-2023-28329