Lucene search
FedoraVULNRICHMENT:CVE-2023-28330HistoryMar 23, 2023 - 12:00 a.m.
CVE-2023-28330 Moodle: authenticated arbitrary file read through malformed backup file
2023-03-2300:00:00
CWE-20
fedora
github.com
moodle security risk
arbitrary file read
backup file.
Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.
CNA Affected
[
{
"versions": [
{
"status": "affected",
"version": "4.1.0",
"lessThan": "4.1.2",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.0.0",
"lessThan": "4.0.7",
"versionType": "semver"
},
{
"status": "affected",
"version": "3.11.0",
"lessThan": "3.11.13",
"versionType": "semver"
},
{
"status": "affected",
"version": "0",
"lessThan": "3.9.20",
"versionType": "semver"
}
],
"packageName": "moodle",
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected"
}
]Related
github
github
Moodle arbitrary file read vulnerability
2023-03-23 21:30:18
ubuntucve
ubuntucve
CVE-2023-28330
2023-03-23 00:00:00
cvelist
cvelist
cve
cve
CVE-2023-28330
2023-03-23 21:15:19
veracode
veracode
Arbitrary File Read
2023-03-29 07:29:13
prion
prion
Design/Logic Flaw
2023-03-23 21:15:00
osv
osv
BIT-moodle-2023-28330
2024-03-06 11:00:43
Moodle arbitrary file read vulnerability
2023-03-23 21:30:18
CVE-2023-28330
2023-03-23 21:15:19
nvd
nvd
CVE-2023-28330
2023-03-23 21:15:19
openvas
openvas
Moodle 3.9 < 3.9.20, 3.11 < 3.11.13, 4.0 < 4.0.7, 4.1 < 4.1.2 Multiple Vulnerabilities
2023-03-24 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2023-d9c13996b2)
2023-03-31 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: moodle-3.11.13-1.fc36
2023-03-30 01:16:28
nessus
nessus
Fedora 36 : moodle (2023-d9c13996b2)
2023-03-30 00:00:00
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
45.7%
Related for VULNRICHMENT:CVE-2023-28330