vulnrichment | Fedora | VULNRICHMENT:CVE-2023-28334
Mar 23, 2023 - 12:00 a.m.

CVE-2023-28334 Moodle: users' name enumeration possible via idor on learning plans page

2023-03-23 00:00:00
CWE-200
fedora
github.com
5
cve-2023-28334
moodle
users' name enumeration
idor
learning plans page
authenticated users

AI Score: 6.7 (Confidence: Low)

EPSS: 0.001 (Percentile: 21.0%)

SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial

Authenticated users were able to enumerate other users’ names via the learning plans page.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*"
    ],
    "vendor": "moodle",
    "product": "moodle",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "4.0.7",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:moodle:moodle:4.1.0:-:*:*:*:*:*:*"
    ],
    "vendor": "moodle",
    "product": "moodle",
    "versions": [
      {
        "status": "affected",
        "version": "4.1.0",
        "lessThan": "4.1.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]
