Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/moodle/moodle@3.1.4
Typecomposer
Namespacemoodle
Namemoodle
Version3.1.4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.5.17
Latest_non_vulnerable_version5.1.2
Affected_by_vulnerabilities
0
url VCID-2dxb-v1af-jbax
vulnerability_id VCID-2dxb-v1af-jbax
summary 
Cross-Site Request Forgery (CSRF)
A CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7491
reference_id
reference_type
scores
0
value 0.00122
scoring_system epss
scoring_elements 0.30767
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7491
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=352355
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=352355
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7491
reference_id CVE-2017-7491
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7491
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.5
purl pkg:composer/moodle/moodle@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.5
1
url pkg:composer/moodle/moodle@3.1.6
purl pkg:composer/moodle/moodle@3.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.6
2
url pkg:composer/moodle/moodle@3.2.3
purl pkg:composer/moodle/moodle@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-duna-st9c-mqbk
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-fegs-ubsk-63hu
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nc2j-pay7-ryab
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-q2fa-jymp-c3bb
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-yghg-775s-vber
24
vulnerability VCID-yp82-zj5g-pbaf
25
vulnerability VCID-zgzm-wj81-jkah
26
vulnerability VCID-zjrq-np3y-hua5
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.3
aliases CVE-2017-7491, GHSA-3hmr-948v-5qgq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2dxb-v1af-jbax
1
url VCID-2s6b-tp6p-gue1
vulnerability_id VCID-2s6b-tp6p-gue1
summary 
Cross-Site Request Forgery (CSRF)
A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10186
reference_id
reference_type
scores
0
value 0.00371
scoring_system epss
scoring_elements 0.59199
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10186
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b
4
reference_url https://moodle.org/mod/forum/discuss.php?d=388567#p1566329
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388567#p1566329
5
reference_url https://web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10186
reference_id CVE-2019-10186
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10186
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10186, GHSA-wv9c-pfpm-4wc5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2s6b-tp6p-gue1
2
url VCID-336n-hpzg-euhd
vulnerability_id VCID-336n-hpzg-euhd
summary 
Cross-site Scripting
The 'manage groups' capability did not have the 'XSS risk' flag assigned to it, but does have that access in certain places. Note that the capability is intended for use by trusted users, and is only assigned to teachers and managers by default.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64395
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64395
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3808
reference_id
reference_type
scores
0
value 0.00173
scoring_system epss
scoring_elements 0.38478
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3808
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3808
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3808
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/6360f87cdca744a6a71c315853f6d811a3e54e26
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/6360f87cdca744a6a71c315853f6d811a3e54e26
5
reference_url https://moodle.org/mod/forum/discuss.php?d=381228#p1536765
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=381228#p1536765
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3808
reference_id CVE-2019-3808
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3808
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.16
purl pkg:composer/moodle/moodle@3.1.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-r6kn-b963-eqge
11
vulnerability VCID-s6uu-335k-yfbc
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zjrq-np3y-hua5
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.16
1
url pkg:composer/moodle/moodle@3.4.7
purl pkg:composer/moodle/moodle@3.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-r6kn-b963-eqge
11
vulnerability VCID-s6uu-335k-yfbc
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zjrq-np3y-hua5
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.7
2
url pkg:composer/moodle/moodle@3.5.4
purl pkg:composer/moodle/moodle@3.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-akv3-zfp8-kkc7
7
vulnerability VCID-bbj9-hpz3-xqhh
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-dpd2-1sqc-qqfy
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fskk-cb95-uqer
13
vulnerability VCID-gnez-ehgq-rfbr
14
vulnerability VCID-hhzz-hbqz-akfw
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-jcsq-3q5z-4kc6
17
vulnerability VCID-kgva-z9gg-u3dw
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-mhm4-8kuk-t7b6
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-mqde-66zm-qbbj
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-paj4-nq1r-jbd3
24
vulnerability VCID-pgfa-bkaw-q7cq
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-w2b2-fuky-j3ff
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.4
3
url pkg:composer/moodle/moodle@3.6.2
purl pkg:composer/moodle/moodle@3.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-akv3-zfp8-kkc7
3
vulnerability VCID-deur-8zdf-2kh2
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-hhzz-hbqz-akfw
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-kgva-z9gg-u3dw
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-n5tc-1k33-dfeq
10
vulnerability VCID-paj4-nq1r-jbd3
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w2b2-fuky-j3ff
16
vulnerability VCID-w9ca-exua-g7ar
17
vulnerability VCID-x7rg-rsb5-pya7
18
vulnerability VCID-y8up-cqtu-jkdw
19
vulnerability VCID-zjrq-np3y-hua5
20
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.2
aliases CVE-2019-3808, GHSA-4r2p-wpv5-683w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-336n-hpzg-euhd
3
url VCID-4rz2-b4e3-87g5
vulnerability_id VCID-4rz2-b4e3-87g5
summary 
Injection Vulnerability
When a quiz question bank is imported, it is possible for the question preview that is displayed to execute JavaScript that is written into the question bank.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10891
reference_id
reference_type
scores
0
value 0.00363
scoring_system epss
scoring_elements 0.58649
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10891
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10891
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10891
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/0b18d0c960c27994dd9870d286f2da3fa5868c06
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/0b18d0c960c27994dd9870d286f2da3fa5868c06
4
reference_url https://moodle.org/mod/forum/discuss.php?d=373371
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=373371
5
reference_url https://web.archive.org/web/20210124185945/https://www.securityfocus.com/bid/104739
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124185945/https://www.securityfocus.com/bid/104739
6
reference_url http://www.securityfocus.com/bid/104739
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104739
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10891
reference_id CVE-2018-10891
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-10891
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.13
purl pkg:composer/moodle/moodle@3.1.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-deur-8zdf-2kh2
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-qhv1-wgpm-7fh6
13
vulnerability VCID-qxsq-ku22-r7gx
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-vfp6-4h8n-bkax
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-zjrq-np3y-hua5
21
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.13
1
url pkg:composer/moodle/moodle@3.2.10
purl pkg:composer/moodle/moodle@3.2.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.10
2
url pkg:composer/moodle/moodle@3.3.7
purl pkg:composer/moodle/moodle@3.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-bjnq-q2nd-1khp
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-vfp6-4h8n-bkax
10
vulnerability VCID-w9ca-exua-g7ar
11
vulnerability VCID-x7rg-rsb5-pya7
12
vulnerability VCID-x9vd-njdz-jua9
13
vulnerability VCID-y8up-cqtu-jkdw
14
vulnerability VCID-zjrq-np3y-hua5
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.7
3
url pkg:composer/moodle/moodle@3.4.4
purl pkg:composer/moodle/moodle@3.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-bjnq-q2nd-1khp
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-vfp6-4h8n-bkax
16
vulnerability VCID-w9ca-exua-g7ar
17
vulnerability VCID-x7rg-rsb5-pya7
18
vulnerability VCID-x9vd-njdz-jua9
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-zjrq-np3y-hua5
21
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.4
4
url pkg:composer/moodle/moodle@3.5.1
purl pkg:composer/moodle/moodle@3.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-c1a1-z5m1-nfbc
11
vulnerability VCID-deur-8zdf-2kh2
12
vulnerability VCID-dpd2-1sqc-qqfy
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fskk-cb95-uqer
15
vulnerability VCID-gnez-ehgq-rfbr
16
vulnerability VCID-hhzz-hbqz-akfw
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-jcsq-3q5z-4kc6
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgva-z9gg-u3dw
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-mhm4-8kuk-t7b6
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-mqde-66zm-qbbj
25
vulnerability VCID-nntc-dsz1-e3fp
26
vulnerability VCID-paj4-nq1r-jbd3
27
vulnerability VCID-pgfa-bkaw-q7cq
28
vulnerability VCID-qhv1-wgpm-7fh6
29
vulnerability VCID-qxsq-ku22-r7gx
30
vulnerability VCID-r6kn-b963-eqge
31
vulnerability VCID-s6uu-335k-yfbc
32
vulnerability VCID-vfp6-4h8n-bkax
33
vulnerability VCID-w2b2-fuky-j3ff
34
vulnerability VCID-w9ca-exua-g7ar
35
vulnerability VCID-x7rg-rsb5-pya7
36
vulnerability VCID-x9vd-njdz-jua9
37
vulnerability VCID-y8up-cqtu-jkdw
38
vulnerability VCID-zjrq-np3y-hua5
39
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.1
aliases CVE-2018-10891, GHSA-p7v9-gjrh-563x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4rz2-b4e3-87g5
4
url VCID-5rbf-4dz3-2qdz
vulnerability_id VCID-5rbf-4dz3-2qdz
summary 
Improper Privilege Management
Remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7489
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.54962
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7489
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=352353
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=352353
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7489
reference_id CVE-2017-7489
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7489
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.5
purl pkg:composer/moodle/moodle@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.5
1
url pkg:composer/moodle/moodle@3.1.6
purl pkg:composer/moodle/moodle@3.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.6
2
url pkg:composer/moodle/moodle@3.2.3
purl pkg:composer/moodle/moodle@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-duna-st9c-mqbk
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-fegs-ubsk-63hu
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nc2j-pay7-ryab
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-q2fa-jymp-c3bb
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-yghg-775s-vber
24
vulnerability VCID-yp82-zj5g-pbaf
25
vulnerability VCID-zgzm-wj81-jkah
26
vulnerability VCID-zjrq-np3y-hua5
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.3
aliases CVE-2017-7489, GHSA-m34m-fgh4-v7cx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5rbf-4dz3-2qdz
5
url VCID-83kb-4mk9-t7ge
vulnerability_id VCID-83kb-4mk9-t7ge
summary 
Information Exposure
Students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15110
reference_id
reference_type
scores
0
value 0.00237
scoring_system epss
scoring_elements 0.46726
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15110
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=361784
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=361784
3
reference_url http://www.securityfocus.com/bid/101909
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/101909
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-15110
reference_id CVE-2017-15110
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-15110
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.9
purl pkg:composer/moodle/moodle@3.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-b7br-bh2d-rygp
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-deur-8zdf-2kh2
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fegs-ubsk-63hu
14
vulnerability VCID-g8ct-c4ce-zuaf
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-p2gd-7uam-mqf8
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-qxsq-ku22-r7gx
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.9
1
url pkg:composer/moodle/moodle@3.2.6
purl pkg:composer/moodle/moodle@3.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-b7br-bh2d-rygp
4
vulnerability VCID-ckg1-9vpt-yfdk
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-fegs-ubsk-63hu
8
vulnerability VCID-g8ct-c4ce-zuaf
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nc2j-pay7-ryab
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-p2gd-7uam-mqf8
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.6
2
url pkg:composer/moodle/moodle@3.3.3
purl pkg:composer/moodle/moodle@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-fygy-9njn-abgd
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-m4zv-e3dn-budf
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-mmg3-7fz9-5uak
18
vulnerability VCID-nc2j-pay7-ryab
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-w9ca-exua-g7ar
24
vulnerability VCID-x7rg-rsb5-pya7
25
vulnerability VCID-x9vd-njdz-jua9
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.3
aliases CVE-2017-15110, GHSA-rjh8-w8jg-xwq5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-83kb-4mk9-t7ge
6
url VCID-8mgr-gdzj-4ybs
vulnerability_id VCID-8mgr-gdzj-4ybs
summary 
Information Exposure
A flaw was found in Moodle. It is possible for the `core_course_get_categories` web service to return hidden categories, which should be omitted when fetching course categories.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10890
reference_id
reference_type
scores
0
value 0.00251
scoring_system epss
scoring_elements 0.48646
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10890
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10890
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10890
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=373370
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=373370
4
reference_url http://www.securityfocus.com/bid/104738
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104738
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10890
reference_id CVE-2018-10890
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-10890
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.13
purl pkg:composer/moodle/moodle@3.1.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-deur-8zdf-2kh2
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-qhv1-wgpm-7fh6
13
vulnerability VCID-qxsq-ku22-r7gx
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-vfp6-4h8n-bkax
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-zjrq-np3y-hua5
21
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.13
1
url pkg:composer/moodle/moodle@3.3.7
purl pkg:composer/moodle/moodle@3.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-bjnq-q2nd-1khp
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-vfp6-4h8n-bkax
10
vulnerability VCID-w9ca-exua-g7ar
11
vulnerability VCID-x7rg-rsb5-pya7
12
vulnerability VCID-x9vd-njdz-jua9
13
vulnerability VCID-y8up-cqtu-jkdw
14
vulnerability VCID-zjrq-np3y-hua5
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.7
2
url pkg:composer/moodle/moodle@3.4.4
purl pkg:composer/moodle/moodle@3.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-bjnq-q2nd-1khp
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-vfp6-4h8n-bkax
16
vulnerability VCID-w9ca-exua-g7ar
17
vulnerability VCID-x7rg-rsb5-pya7
18
vulnerability VCID-x9vd-njdz-jua9
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-zjrq-np3y-hua5
21
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.4
3
url pkg:composer/moodle/moodle@3.5.1
purl pkg:composer/moodle/moodle@3.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-c1a1-z5m1-nfbc
11
vulnerability VCID-deur-8zdf-2kh2
12
vulnerability VCID-dpd2-1sqc-qqfy
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fskk-cb95-uqer
15
vulnerability VCID-gnez-ehgq-rfbr
16
vulnerability VCID-hhzz-hbqz-akfw
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-jcsq-3q5z-4kc6
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgva-z9gg-u3dw
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-mhm4-8kuk-t7b6
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-mqde-66zm-qbbj
25
vulnerability VCID-nntc-dsz1-e3fp
26
vulnerability VCID-paj4-nq1r-jbd3
27
vulnerability VCID-pgfa-bkaw-q7cq
28
vulnerability VCID-qhv1-wgpm-7fh6
29
vulnerability VCID-qxsq-ku22-r7gx
30
vulnerability VCID-r6kn-b963-eqge
31
vulnerability VCID-s6uu-335k-yfbc
32
vulnerability VCID-vfp6-4h8n-bkax
33
vulnerability VCID-w2b2-fuky-j3ff
34
vulnerability VCID-w9ca-exua-g7ar
35
vulnerability VCID-x7rg-rsb5-pya7
36
vulnerability VCID-x9vd-njdz-jua9
37
vulnerability VCID-y8up-cqtu-jkdw
38
vulnerability VCID-zjrq-np3y-hua5
39
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.1
aliases CVE-2018-10890, GHSA-5w4h-xrr5-7273
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8mgr-gdzj-4ybs
7
url VCID-9nd7-4wve-97hc
vulnerability_id VCID-9nd7-4wve-97hc
summary 
Information Exposure
Various course reports allow teachers to view details about users in the groups they cannot access.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12157
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.3106
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12157
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://github.com/moodle/moodle/commit/85b531e8beae3497ec2075e07e59c581fccb317c
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/85b531e8beae3497ec2075e07e59c581fccb317c
3
reference_url https://moodle.org/mod/forum/discuss.php?d=358586
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=358586
4
reference_url https://web.archive.org/web/20210124103841/http://www.securityfocus.com/bid/100848
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124103841/http://www.securityfocus.com/bid/100848
5
reference_url http://www.securityfocus.com/bid/100848
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100848
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12157
reference_id CVE-2017-12157
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12157
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.8
purl pkg:composer/moodle/moodle@3.1.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9t4u-n1pn-w3bd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-b7br-bh2d-rygp
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-ckg1-9vpt-yfdk
11
vulnerability VCID-deur-8zdf-2kh2
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fegs-ubsk-63hu
15
vulnerability VCID-g8ct-c4ce-zuaf
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-p2gd-7uam-mqf8
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-r6kn-b963-eqge
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-w9ca-exua-g7ar
29
vulnerability VCID-x7rg-rsb5-pya7
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zgzm-wj81-jkah
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.8
1
url pkg:composer/moodle/moodle@3.2.5
purl pkg:composer/moodle/moodle@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-ckg1-9vpt-yfdk
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-g8ct-c4ce-zuaf
10
vulnerability VCID-jcq6-btgz-fkf6
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-m4zv-e3dn-budf
13
vulnerability VCID-mkfz-e1ft-2bcw
14
vulnerability VCID-nc2j-pay7-ryab
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-p2gd-7uam-mqf8
17
vulnerability VCID-qhv1-wgpm-7fh6
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zgzm-wj81-jkah
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.5
2
url pkg:composer/moodle/moodle@3.3.2
purl pkg:composer/moodle/moodle@3.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-fygy-9njn-abgd
13
vulnerability VCID-g8ct-c4ce-zuaf
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-mmg3-7fz9-5uak
19
vulnerability VCID-nc2j-pay7-ryab
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-p2gd-7uam-mqf8
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-x9vd-njdz-jua9
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.2
aliases CVE-2017-12157, GHSA-gw95-48xq-gqf9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9nd7-4wve-97hc
8
url VCID-9t4u-n1pn-w3bd
vulnerability_id VCID-9t4u-n1pn-w3bd
summary 
Server-Side Request Forgery (SSRF)
The mybackpack functionality allowed setting the URL of badges, when it should be restricted to the Mozilla Open Badges backpack URL. This resulted in the possibility of blind SSRF via requests made by the page.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64222
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64222
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3809
reference_id
reference_type
scores
0
value 0.00264
scoring_system epss
scoring_elements 0.49936
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3809
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3809
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3809
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://moodle.org/mod/forum/discuss.php?d=381229#p1536766
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=381229#p1536766
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3809
reference_id CVE-2019-3809
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3809
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.16
purl pkg:composer/moodle/moodle@3.1.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-r6kn-b963-eqge
11
vulnerability VCID-s6uu-335k-yfbc
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zjrq-np3y-hua5
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.16
aliases CVE-2019-3809, GHSA-jp4g-r8c9-3534
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9t4u-n1pn-w3bd
9
url VCID-a6pb-47tu-afcg
vulnerability_id VCID-a6pb-47tu-afcg
summary 
Information Exposure
Moodle is vulnerable to information exposure of service tokens for users enrolled in the same course.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1692
reference_id
reference_type
scores
0
value 0.00159
scoring_system epss
scoring_elements 0.36547
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1692
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1692
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1692
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1692
reference_id CVE-2020-1692
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1692
fixed_packages
0
url pkg:composer/moodle/moodle@3.7.2
purl pkg:composer/moodle/moodle@3.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-c14d-1sa2-rkf6
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-fskk-cb95-uqer
8
vulnerability VCID-hhzz-hbqz-akfw
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-jcsq-3q5z-4kc6
11
vulnerability VCID-kgva-z9gg-u3dw
12
vulnerability VCID-n5tc-1k33-dfeq
13
vulnerability VCID-paj4-nq1r-jbd3
14
vulnerability VCID-w2b2-fuky-j3ff
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.2
aliases CVE-2020-1692, GHSA-9328-7pcw-vw69
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a6pb-47tu-afcg
10
url VCID-ajkr-fxa1-mkhk
vulnerability_id VCID-ajkr-fxa1-mkhk
summary 
Cross-site Scripting
Moodle is vulnerable to XSS via a calendar event name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1045
reference_id
reference_type
scores
0
value 0.00237
scoring_system epss
scoring_elements 0.46987
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1045
1
reference_url https://moodle.org/mod/forum/discuss.php?d=364384
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=364384
2
reference_url https://web.archive.org/web/20210124134120/http://www.securityfocus.com/bid/102755
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124134120/http://www.securityfocus.com/bid/102755
3
reference_url http://www.securityfocus.com/bid/102755
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102755
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1045
reference_id CVE-2018-1045
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1045
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.10
purl pkg:composer/moodle/moodle@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-p2gd-7uam-mqf8
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qxsq-ku22-r7gx
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10
1
url pkg:composer/moodle/moodle@3.2.7
purl pkg:composer/moodle/moodle@3.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-m4zv-e3dn-budf
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-p2gd-7uam-mqf8
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7
2
url pkg:composer/moodle/moodle@3.3.4
purl pkg:composer/moodle/moodle@3.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-fygy-9njn-abgd
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-mmg3-7fz9-5uak
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-x9vd-njdz-jua9
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4
aliases CVE-2018-1045, GHSA-595j-wpfg-23w4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajkr-fxa1-mkhk
11
url VCID-b7br-bh2d-rygp
vulnerability_id VCID-b7br-bh2d-rygp
summary 
Improper Input Validation
An issue was discovered in Moodle. By substituting URLs in portfolios, users can instantiate any class. This can also be exploited by users who are logged in as guests to create a DDoS attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1137
reference_id
reference_type
scores
0
value 0.00266
scoring_system epss
scoring_elements 0.50293
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1137
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=371204
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=371204
3
reference_url http://www.securityfocus.com/bid/104307
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104307
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1137
reference_id CVE-2018-1137
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1137
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.12
purl pkg:composer/moodle/moodle@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-deur-8zdf-2kh2
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k73h-z6j8-gkgz
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-qxsq-ku22-r7gx
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vfp6-4h8n-bkax
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.12
1
url pkg:composer/moodle/moodle@3.2.9
purl pkg:composer/moodle/moodle@3.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-qhv1-wgpm-7fh6
8
vulnerability VCID-w9ca-exua-g7ar
9
vulnerability VCID-x7rg-rsb5-pya7
10
vulnerability VCID-y8up-cqtu-jkdw
11
vulnerability VCID-zjrq-np3y-hua5
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.9
2
url pkg:composer/moodle/moodle@3.3.6
purl pkg:composer/moodle/moodle@3.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-mmg3-7fz9-5uak
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-vfp6-4h8n-bkax
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-x9vd-njdz-jua9
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.6
3
url pkg:composer/moodle/moodle@3.4.3
purl pkg:composer/moodle/moodle@3.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-deur-8zdf-2kh2
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-mmg3-7fz9-5uak
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-qxsq-ku22-r7gx
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vfp6-4h8n-bkax
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-x9vd-njdz-jua9
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.3
aliases CVE-2018-1137, GHSA-vxqh-mx28-7ghw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b7br-bh2d-rygp
12
url VCID-bjnq-q2nd-1khp
vulnerability_id VCID-bjnq-q2nd-1khp
summary 
Cross-Site Request Forgery (CSRF)
The login form is not protected by a token to prevent login cross-site request forgery.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16854
reference_id
reference_type
scores
0
value 0.01178
scoring_system epss
scoring_elements 0.79076
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16854
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16854
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16854
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://moodle.org/mod/forum/discuss.php?d=378731
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=378731
5
reference_url http://www.securityfocus.com/bid/106017
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106017
6
reference_url http://www.securitytracker.com/id/1042154
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1042154
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16854
reference_id CVE-2018-16854
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-16854
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.15
purl pkg:composer/moodle/moodle@3.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w9ca-exua-g7ar
16
vulnerability VCID-x7rg-rsb5-pya7
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zjrq-np3y-hua5
19
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15
1
url pkg:composer/moodle/moodle@3.3.9
purl pkg:composer/moodle/moodle@3.3.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-qhv1-wgpm-7fh6
8
vulnerability VCID-w9ca-exua-g7ar
9
vulnerability VCID-x7rg-rsb5-pya7
10
vulnerability VCID-y8up-cqtu-jkdw
11
vulnerability VCID-zjrq-np3y-hua5
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.9
2
url pkg:composer/moodle/moodle@3.4.6
purl pkg:composer/moodle/moodle@3.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-deur-8zdf-2kh2
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k73h-z6j8-gkgz
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-qxsq-ku22-r7gx
12
vulnerability VCID-r6kn-b963-eqge
13
vulnerability VCID-s6uu-335k-yfbc
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6
3
url pkg:composer/moodle/moodle@3.5.3
purl pkg:composer/moodle/moodle@3.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-c1a1-z5m1-nfbc
10
vulnerability VCID-deur-8zdf-2kh2
11
vulnerability VCID-dpd2-1sqc-qqfy
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fskk-cb95-uqer
14
vulnerability VCID-gnez-ehgq-rfbr
15
vulnerability VCID-hhzz-hbqz-akfw
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-jcsq-3q5z-4kc6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-kgva-z9gg-u3dw
20
vulnerability VCID-m3np-aebb-8qaa
21
vulnerability VCID-mhm4-8kuk-t7b6
22
vulnerability VCID-mkfz-e1ft-2bcw
23
vulnerability VCID-mqde-66zm-qbbj
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-paj4-nq1r-jbd3
26
vulnerability VCID-pgfa-bkaw-q7cq
27
vulnerability VCID-qhv1-wgpm-7fh6
28
vulnerability VCID-qxsq-ku22-r7gx
29
vulnerability VCID-r6kn-b963-eqge
30
vulnerability VCID-s6uu-335k-yfbc
31
vulnerability VCID-w2b2-fuky-j3ff
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-y8up-cqtu-jkdw
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3
aliases CVE-2018-16854, GHSA-xj5f-qv37-r9jc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bjnq-q2nd-1khp
13
url VCID-ckg1-9vpt-yfdk
vulnerability_id VCID-ckg1-9vpt-yfdk
summary 
Improper Privilege Management
An issue was discovered in Moodle. Students who submitted assignments and exported them to portfolios can download any stored Moodle file by changing the download URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1134
reference_id
reference_type
scores
0
value 0.00116
scoring_system epss
scoring_elements 0.29886
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1134
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=371200
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=371200
3
reference_url http://www.securityfocus.com/bid/104307
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104307
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1134
reference_id CVE-2018-1134
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1134
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.12
purl pkg:composer/moodle/moodle@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-deur-8zdf-2kh2
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k73h-z6j8-gkgz
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-qxsq-ku22-r7gx
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vfp6-4h8n-bkax
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.12
1
url pkg:composer/moodle/moodle@3.2.9
purl pkg:composer/moodle/moodle@3.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-qhv1-wgpm-7fh6
8
vulnerability VCID-w9ca-exua-g7ar
9
vulnerability VCID-x7rg-rsb5-pya7
10
vulnerability VCID-y8up-cqtu-jkdw
11
vulnerability VCID-zjrq-np3y-hua5
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.9
2
url pkg:composer/moodle/moodle@3.3.6
purl pkg:composer/moodle/moodle@3.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-mmg3-7fz9-5uak
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-vfp6-4h8n-bkax
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-x9vd-njdz-jua9
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.6
3
url pkg:composer/moodle/moodle@3.4.3
purl pkg:composer/moodle/moodle@3.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-deur-8zdf-2kh2
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-mmg3-7fz9-5uak
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-qxsq-ku22-r7gx
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vfp6-4h8n-bkax
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-x9vd-njdz-jua9
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.3
aliases CVE-2018-1134, GHSA-xjx9-7c29-pwmm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ckg1-9vpt-yfdk
14
url VCID-deur-8zdf-2kh2
vulnerability_id VCID-deur-8zdf-2kh2
summary 
Improper Input Validation
The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10134
reference_id
reference_type
scores
0
value 0.00179
scoring_system epss
scoring_elements 0.39139
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10134
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10134
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10134
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=386524
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=386524
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10134
reference_id CVE-2019-10134
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10134
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.18
purl pkg:composer/moodle/moodle@3.1.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-w9ca-exua-g7ar
8
vulnerability VCID-x7rg-rsb5-pya7
9
vulnerability VCID-y8up-cqtu-jkdw
10
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.18
1
url pkg:composer/moodle/moodle@3.4.9
purl pkg:composer/moodle/moodle@3.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-w9ca-exua-g7ar
8
vulnerability VCID-x7rg-rsb5-pya7
9
vulnerability VCID-y8up-cqtu-jkdw
10
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.9
2
url pkg:composer/moodle/moodle@3.5.6
purl pkg:composer/moodle/moodle@3.5.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-dpd2-1sqc-qqfy
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fskk-cb95-uqer
11
vulnerability VCID-gnez-ehgq-rfbr
12
vulnerability VCID-hhzz-hbqz-akfw
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-jcsq-3q5z-4kc6
15
vulnerability VCID-kgva-z9gg-u3dw
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-mhm4-8kuk-t7b6
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-mqde-66zm-qbbj
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-paj4-nq1r-jbd3
22
vulnerability VCID-pgfa-bkaw-q7cq
23
vulnerability VCID-w2b2-fuky-j3ff
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.6
3
url pkg:composer/moodle/moodle@3.6.4
purl pkg:composer/moodle/moodle@3.6.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-hhzz-hbqz-akfw
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-kgva-z9gg-u3dw
6
vulnerability VCID-n5tc-1k33-dfeq
7
vulnerability VCID-paj4-nq1r-jbd3
8
vulnerability VCID-w2b2-fuky-j3ff
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.4
aliases CVE-2019-10134, GHSA-j8wr-7xxj-c2fr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-deur-8zdf-2kh2
15
url VCID-dhku-uah4-ykh8
vulnerability_id VCID-dhku-uah4-ykh8
summary 
SQL Injection
An SQL injection can occur via user preferences.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2641
reference_id
reference_type
scores
0
value 0.01895
scoring_system epss
scoring_elements 0.8355
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2641
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=349419
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=349419
3
reference_url https://www.exploit-db.com/exploits/41828
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/41828
4
reference_url http://www.securityfocus.com/bid/96977
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/96977
5
reference_url http://www.securitytracker.com/id/1038174
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038174
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/41828.php
reference_id CVE-2017-2641
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/41828.php
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2641
reference_id CVE-2017-2641
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2641
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.5
purl pkg:composer/moodle/moodle@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.5
1
url pkg:composer/moodle/moodle@3.2.2
purl pkg:composer/moodle/moodle@3.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-9nd7-4wve-97hc
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-b1q7-u3cx-ukej
8
vulnerability VCID-b7br-bh2d-rygp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fegs-ubsk-63hu
13
vulnerability VCID-g8ct-c4ce-zuaf
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nc2j-pay7-ryab
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-q2fa-jymp-c3bb
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-vtq4-fpr8-hudb
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-yp82-zj5g-pbaf
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.2
aliases CVE-2017-2641, GHSA-xhq3-455r-xv44
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dhku-uah4-ykh8
16
url VCID-duna-st9c-mqbk
vulnerability_id VCID-duna-st9c-mqbk
summary 
Information Exposure
In Moodle, the quiz web services allow students to see quiz results when it is prohibited in the settings.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1044
reference_id
reference_type
scores
0
value 0.00185
scoring_system epss
scoring_elements 0.3998
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1044
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=364383
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=364383
3
reference_url http://www.securityfocus.com/bid/102754
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/102754
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1044
reference_id CVE-2018-1044
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1044
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.10
purl pkg:composer/moodle/moodle@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-p2gd-7uam-mqf8
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qxsq-ku22-r7gx
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10
1
url pkg:composer/moodle/moodle@3.2.7
purl pkg:composer/moodle/moodle@3.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-m4zv-e3dn-budf
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-p2gd-7uam-mqf8
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7
2
url pkg:composer/moodle/moodle@3.3.4
purl pkg:composer/moodle/moodle@3.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-fygy-9njn-abgd
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-mmg3-7fz9-5uak
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-x9vd-njdz-jua9
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4
3
url pkg:composer/moodle/moodle@3.4.1
purl pkg:composer/moodle/moodle@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-fygy-9njn-abgd
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-mmg3-7fz9-5uak
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-qxsq-ku22-r7gx
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s6uu-335k-yfbc
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x9vd-njdz-jua9
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1
aliases CVE-2018-1044, GHSA-332g-xh34-5c96
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-duna-st9c-mqbk
17
url VCID-eu27-a3px-87ed
vulnerability_id VCID-eu27-a3px-87ed
summary 
Improper Access Control
Teachers in an assignment group could modify group overrides for other groups in the same assignment.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10189
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36022
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10189
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=388570
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388570
4
reference_url http://www.securityfocus.com/bid/109271
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/109271
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10189
reference_id CVE-2019-10189
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10189
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10189, GHSA-h7xp-7fjp-ghhc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eu27-a3px-87ed
18
url VCID-fegs-ubsk-63hu
vulnerability_id VCID-fegs-ubsk-63hu
summary 
Information Exposure
An issue was discovered in Moodle. Students who posted on forums and exported the posts to portfolios can download any stored Moodle file by changing the download URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1135
reference_id
reference_type
scores
0
value 0.00176
scoring_system epss
scoring_elements 0.38842
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1135
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=371201
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=371201
3
reference_url http://www.securityfocus.com/bid/104307
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104307
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1135
reference_id CVE-2018-1135
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1135
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.12
purl pkg:composer/moodle/moodle@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-deur-8zdf-2kh2
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k73h-z6j8-gkgz
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-qxsq-ku22-r7gx
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vfp6-4h8n-bkax
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.12
1
url pkg:composer/moodle/moodle@3.2.9
purl pkg:composer/moodle/moodle@3.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-qhv1-wgpm-7fh6
8
vulnerability VCID-w9ca-exua-g7ar
9
vulnerability VCID-x7rg-rsb5-pya7
10
vulnerability VCID-y8up-cqtu-jkdw
11
vulnerability VCID-zjrq-np3y-hua5
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.9
2
url pkg:composer/moodle/moodle@3.3.6
purl pkg:composer/moodle/moodle@3.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-mmg3-7fz9-5uak
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-vfp6-4h8n-bkax
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-x9vd-njdz-jua9
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.6
3
url pkg:composer/moodle/moodle@3.4.3
purl pkg:composer/moodle/moodle@3.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-deur-8zdf-2kh2
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-mmg3-7fz9-5uak
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-qxsq-ku22-r7gx
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vfp6-4h8n-bkax
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-x9vd-njdz-jua9
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.3
aliases CVE-2018-1135, GHSA-vxmv-74rf-vqgp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fegs-ubsk-63hu
19
url VCID-g8ct-c4ce-zuaf
vulnerability_id VCID-g8ct-c4ce-zuaf
summary 
Cross-site Scripting
An issue was discovered in Moodle. An authenticated user is allowed to add HTML blocks containing scripts to their Dashboard; this is normally not a security issue because a personal dashboard is visible to this user only. Through this security vulnerability, users can move such a block to other pages where they can be viewed by other users.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1136
reference_id
reference_type
scores
0
value 0.00194
scoring_system epss
scoring_elements 0.41148
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1136
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=371202
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=371202
3
reference_url http://www.securityfocus.com/bid/104307
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104307
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1136
reference_id CVE-2018-1136
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1136
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.12
purl pkg:composer/moodle/moodle@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-deur-8zdf-2kh2
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k73h-z6j8-gkgz
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-qxsq-ku22-r7gx
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vfp6-4h8n-bkax
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.12
1
url pkg:composer/moodle/moodle@3.2.9
purl pkg:composer/moodle/moodle@3.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-qhv1-wgpm-7fh6
8
vulnerability VCID-w9ca-exua-g7ar
9
vulnerability VCID-x7rg-rsb5-pya7
10
vulnerability VCID-y8up-cqtu-jkdw
11
vulnerability VCID-zjrq-np3y-hua5
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.9
2
url pkg:composer/moodle/moodle@3.3.6
purl pkg:composer/moodle/moodle@3.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-mmg3-7fz9-5uak
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-vfp6-4h8n-bkax
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-x9vd-njdz-jua9
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.6
3
url pkg:composer/moodle/moodle@3.4.3
purl pkg:composer/moodle/moodle@3.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-deur-8zdf-2kh2
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-mmg3-7fz9-5uak
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-qxsq-ku22-r7gx
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vfp6-4h8n-bkax
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-x9vd-njdz-jua9
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.3
aliases CVE-2018-1136, GHSA-xhfw-wjjc-4j5h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8ct-c4ce-zuaf
20
url VCID-jcq6-btgz-fkf6
vulnerability_id VCID-jcq6-btgz-fkf6
summary 
Cross-site Scripting
It was found in Moodle that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20183
reference_id
reference_type
scores
0
value 0.00455
scoring_system epss
scoring_elements 0.64171
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20183
1
reference_url https://github.com/moodle/moodle/commit/dc9de7b0d487b73c23c221dc0b8b6e01654921f3
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/dc9de7b0d487b73c23c221dc0b8b6e01654921f3
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417166
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417166
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20183
reference_id CVE-2021-20183
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20183
fixed_packages
0
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
1
url pkg:composer/moodle/moodle@4.0.0-beta
purl pkg:composer/moodle/moodle@4.0.0-beta
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.0-beta
aliases CVE-2021-20183, GHSA-xhfx-rm8q-c3xv
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jcq6-btgz-fkf6
21
url VCID-jn5n-6hg9-tyf7
vulnerability_id VCID-jn5n-6hg9-tyf7
summary 
Cross-site Scripting
An XSS can occur via evidence of prior learning.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2644
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52121
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2644
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://github.com/moodle/moodle/commit/ac40d8b589820929fe4201a3f0640414e2b9dabd
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ac40d8b589820929fe4201a3f0640414e2b9dabd
3
reference_url https://moodle.org/mod/forum/discuss.php?d=349421
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=349421
4
reference_url https://web.archive.org/web/20210124004851/http://www.securityfocus.com/bid/96979
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124004851/http://www.securityfocus.com/bid/96979
5
reference_url https://web.archive.org/web/20210227004858/http://www.securitytracker.com/id/1038174
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210227004858/http://www.securitytracker.com/id/1038174
6
reference_url http://www.securityfocus.com/bid/96979
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96979
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2644
reference_id CVE-2017-2644
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2644
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.5
purl pkg:composer/moodle/moodle@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.5
1
url pkg:composer/moodle/moodle@3.2.2
purl pkg:composer/moodle/moodle@3.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-9nd7-4wve-97hc
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-b1q7-u3cx-ukej
8
vulnerability VCID-b7br-bh2d-rygp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fegs-ubsk-63hu
13
vulnerability VCID-g8ct-c4ce-zuaf
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nc2j-pay7-ryab
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-q2fa-jymp-c3bb
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-vtq4-fpr8-hudb
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-yp82-zj5g-pbaf
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.2
aliases CVE-2017-2644, GHSA-93gj-rg98-h7mm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jn5n-6hg9-tyf7
22
url VCID-k73h-z6j8-gkgz
vulnerability_id VCID-k73h-z6j8-gkgz
summary 
Information Exposure
The `/userpix/` page did not escape users' full names, which are included as text when hovering over profile images. Note this page is not linked to by default and its access is restricted.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64372
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64372
1
reference_url http://packetstormsecurity.com/files/162399/Moodle-3.6.1-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/162399/Moodle-3.6.1-Cross-Site-Scripting.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3810
reference_id
reference_type
scores
0
value 0.08385
scoring_system epss
scoring_elements 0.92457
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3810
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3810
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3810
4
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
5
reference_url https://moodle.org/mod/forum/discuss.php?d=381230#p1536767
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=381230#p1536767
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49814.txt
reference_id CVE-2019-3810
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49814.txt
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3810
reference_id CVE-2019-3810
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3810
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.15
purl pkg:composer/moodle/moodle@3.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w9ca-exua-g7ar
16
vulnerability VCID-x7rg-rsb5-pya7
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zjrq-np3y-hua5
19
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15
1
url pkg:composer/moodle/moodle@3.1.16
purl pkg:composer/moodle/moodle@3.1.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-r6kn-b963-eqge
11
vulnerability VCID-s6uu-335k-yfbc
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zjrq-np3y-hua5
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.16
2
url pkg:composer/moodle/moodle@3.4.6
purl pkg:composer/moodle/moodle@3.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-deur-8zdf-2kh2
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k73h-z6j8-gkgz
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-qxsq-ku22-r7gx
12
vulnerability VCID-r6kn-b963-eqge
13
vulnerability VCID-s6uu-335k-yfbc
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6
3
url pkg:composer/moodle/moodle@3.4.7
purl pkg:composer/moodle/moodle@3.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-r6kn-b963-eqge
11
vulnerability VCID-s6uu-335k-yfbc
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zjrq-np3y-hua5
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.7
4
url pkg:composer/moodle/moodle@3.5.3
purl pkg:composer/moodle/moodle@3.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-c1a1-z5m1-nfbc
10
vulnerability VCID-deur-8zdf-2kh2
11
vulnerability VCID-dpd2-1sqc-qqfy
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fskk-cb95-uqer
14
vulnerability VCID-gnez-ehgq-rfbr
15
vulnerability VCID-hhzz-hbqz-akfw
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-jcsq-3q5z-4kc6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-kgva-z9gg-u3dw
20
vulnerability VCID-m3np-aebb-8qaa
21
vulnerability VCID-mhm4-8kuk-t7b6
22
vulnerability VCID-mkfz-e1ft-2bcw
23
vulnerability VCID-mqde-66zm-qbbj
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-paj4-nq1r-jbd3
26
vulnerability VCID-pgfa-bkaw-q7cq
27
vulnerability VCID-qhv1-wgpm-7fh6
28
vulnerability VCID-qxsq-ku22-r7gx
29
vulnerability VCID-r6kn-b963-eqge
30
vulnerability VCID-s6uu-335k-yfbc
31
vulnerability VCID-w2b2-fuky-j3ff
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-y8up-cqtu-jkdw
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3
5
url pkg:composer/moodle/moodle@3.5.4
purl pkg:composer/moodle/moodle@3.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-akv3-zfp8-kkc7
7
vulnerability VCID-bbj9-hpz3-xqhh
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-dpd2-1sqc-qqfy
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fskk-cb95-uqer
13
vulnerability VCID-gnez-ehgq-rfbr
14
vulnerability VCID-hhzz-hbqz-akfw
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-jcsq-3q5z-4kc6
17
vulnerability VCID-kgva-z9gg-u3dw
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-mhm4-8kuk-t7b6
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-mqde-66zm-qbbj
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-paj4-nq1r-jbd3
24
vulnerability VCID-pgfa-bkaw-q7cq
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-w2b2-fuky-j3ff
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.4
6
url pkg:composer/moodle/moodle@3.6.1
purl pkg:composer/moodle/moodle@3.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-akv3-zfp8-kkc7
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-hhzz-hbqz-akfw
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-kgva-z9gg-u3dw
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-n5tc-1k33-dfeq
12
vulnerability VCID-paj4-nq1r-jbd3
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-qxsq-ku22-r7gx
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-w2b2-fuky-j3ff
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.1
7
url pkg:composer/moodle/moodle@3.6.2
purl pkg:composer/moodle/moodle@3.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-akv3-zfp8-kkc7
3
vulnerability VCID-deur-8zdf-2kh2
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-hhzz-hbqz-akfw
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-kgva-z9gg-u3dw
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-n5tc-1k33-dfeq
10
vulnerability VCID-paj4-nq1r-jbd3
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w2b2-fuky-j3ff
16
vulnerability VCID-w9ca-exua-g7ar
17
vulnerability VCID-x7rg-rsb5-pya7
18
vulnerability VCID-y8up-cqtu-jkdw
19
vulnerability VCID-zjrq-np3y-hua5
20
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.2
aliases CVE-2019-3810, GHSA-wm4w-8vc6-2j4h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k73h-z6j8-gkgz
23
url VCID-m3np-aebb-8qaa
vulnerability_id VCID-m3np-aebb-8qaa
summary 
Improper Access Control
A web service fetching messages was not restricted to the current user's conversations.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10154
reference_id
reference_type
scores
0
value 0.00236
scoring_system epss
scoring_elements 0.4672
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10154
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10154
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10154
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/2904a7f851da8e66be12f41d55068bf07817fbd6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/2904a7f851da8e66be12f41d55068bf07817fbd6
4
reference_url https://github.com/moodle/moodle/commit/a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c
5
reference_url https://moodle.org/mod/forum/discuss.php?d=386521
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=386521
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10154
reference_id CVE-2019-10154
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10154
fixed_packages
0
url pkg:composer/moodle/moodle@3.6.4
purl pkg:composer/moodle/moodle@3.6.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-hhzz-hbqz-akfw
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-kgva-z9gg-u3dw
6
vulnerability VCID-n5tc-1k33-dfeq
7
vulnerability VCID-paj4-nq1r-jbd3
8
vulnerability VCID-w2b2-fuky-j3ff
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.4
aliases CVE-2019-10154, GHSA-ww45-x87c-wgff
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3np-aebb-8qaa
24
url VCID-m4zv-e3dn-budf
vulnerability_id VCID-m4zv-e3dn-budf
summary 
Improper Access Control
Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was verified, otherwise admin email can be spammed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1081
reference_id
reference_type
scores
0
value 0.00927
scoring_system epss
scoring_elements 0.76428
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1081
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-61392
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-61392
3
reference_url https://moodle.org/mod/forum/discuss.php?d=367938
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=367938
4
reference_url http://www.securityfocus.com/bid/103728
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103728
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1081
reference_id CVE-2018-1081
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1081
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.11
purl pkg:composer/moodle/moodle@3.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-p2gd-7uam-mqf8
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-qxsq-ku22-r7gx
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-zjrq-np3y-hua5
28
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.11
1
url pkg:composer/moodle/moodle@3.2.8
purl pkg:composer/moodle/moodle@3.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-p2gd-7uam-mqf8
12
vulnerability VCID-qhv1-wgpm-7fh6
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-zjrq-np3y-hua5
17
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.8
2
url pkg:composer/moodle/moodle@3.3.5
purl pkg:composer/moodle/moodle@3.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-g8ct-c4ce-zuaf
10
vulnerability VCID-jcq6-btgz-fkf6
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-mmg3-7fz9-5uak
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-p2gd-7uam-mqf8
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-x9vd-njdz-jua9
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.5
3
url pkg:composer/moodle/moodle@3.4.2
purl pkg:composer/moodle/moodle@3.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-g8ct-c4ce-zuaf
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mmg3-7fz9-5uak
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-p2gd-7uam-mqf8
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-qxsq-ku22-r7gx
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-x9vd-njdz-jua9
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.2
aliases CVE-2018-1081, GHSA-v9xq-vh72-chr4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4zv-e3dn-budf
25
url VCID-mkfz-e1ft-2bcw
vulnerability_id VCID-mkfz-e1ft-2bcw
summary 
Code Injection
It was found in Moodle that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20187
reference_id
reference_type
scores
0
value 0.00679
scoring_system epss
scoring_elements 0.7197
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20187
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417171
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417171
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20187
reference_id CVE-2021-20187
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20187
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.16
purl pkg:composer/moodle/moodle@3.5.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
6
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16
1
url pkg:composer/moodle/moodle@3.8.7
purl pkg:composer/moodle/moodle@3.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7
2
url pkg:composer/moodle/moodle@3.9.4
purl pkg:composer/moodle/moodle@3.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4
3
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
aliases CVE-2021-20187, GHSA-2jrm-gww7-wch2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkfz-e1ft-2bcw
26
url VCID-nntc-dsz1-e3fp
vulnerability_id VCID-nntc-dsz1-e3fp
summary 
Cross-site Scripting
It was found in Moodle that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20186
reference_id
reference_type
scores
0
value 0.0053
scoring_system epss
scoring_elements 0.67569
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20186
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417170
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417170
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20186
reference_id CVE-2021-20186
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20186
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.16
purl pkg:composer/moodle/moodle@3.5.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
6
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16
1
url pkg:composer/moodle/moodle@3.8.7
purl pkg:composer/moodle/moodle@3.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7
2
url pkg:composer/moodle/moodle@3.9.4
purl pkg:composer/moodle/moodle@3.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4
3
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
aliases CVE-2021-20186, GHSA-h8m4-h385-qhqv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nntc-dsz1-e3fp
27
url VCID-p2gd-7uam-mqf8
vulnerability_id VCID-p2gd-7uam-mqf8
summary 
Injection Vulnerability
An issue was discovered in Moodle. A Teacher creating a Calculated question can intentionally cause remote code execution on the server.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1133
reference_id
reference_type
scores
0
value 0.40785
scoring_system epss
scoring_elements 0.97448
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1133
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=371199
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=371199
3
reference_url https://www.exploit-db.com/exploits/46551
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/46551
4
reference_url https://www.exploit-db.com/exploits/46551/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/46551/
5
reference_url http://www.securityfocus.com/bid/104307
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104307
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46551.php
reference_id CVE-2018-1133
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46551.php
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1133
reference_id CVE-2018-1133
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1133
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.12
purl pkg:composer/moodle/moodle@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-deur-8zdf-2kh2
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k73h-z6j8-gkgz
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-qxsq-ku22-r7gx
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vfp6-4h8n-bkax
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.12
1
url pkg:composer/moodle/moodle@3.2.9
purl pkg:composer/moodle/moodle@3.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-qhv1-wgpm-7fh6
8
vulnerability VCID-w9ca-exua-g7ar
9
vulnerability VCID-x7rg-rsb5-pya7
10
vulnerability VCID-y8up-cqtu-jkdw
11
vulnerability VCID-zjrq-np3y-hua5
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.9
2
url pkg:composer/moodle/moodle@3.3.6
purl pkg:composer/moodle/moodle@3.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-mmg3-7fz9-5uak
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-vfp6-4h8n-bkax
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-x9vd-njdz-jua9
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.6
3
url pkg:composer/moodle/moodle@3.4.3
purl pkg:composer/moodle/moodle@3.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-deur-8zdf-2kh2
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-mmg3-7fz9-5uak
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-qxsq-ku22-r7gx
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vfp6-4h8n-bkax
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-x9vd-njdz-jua9
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.3
aliases CVE-2018-1133, GHSA-xh2j-q4mc-v522
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p2gd-7uam-mqf8
28
url VCID-q2fa-jymp-c3bb
vulnerability_id VCID-q2fa-jymp-c3bb
summary 
Information Exposure
Moodle has a user fullname disclosure through the user preferences page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2642
reference_id
reference_type
scores
0
value 0.00165
scoring_system epss
scoring_elements 0.37265
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2642
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=355554
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=355554
3
reference_url http://www.securityfocus.com/bid/99606
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/99606
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2642
reference_id CVE-2017-2642
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2642
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.7
purl pkg:composer/moodle/moodle@3.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-qhv1-wgpm-7fh6
25
vulnerability VCID-qxsq-ku22-r7gx
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s6uu-335k-yfbc
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-w9ca-exua-g7ar
30
vulnerability VCID-x7rg-rsb5-pya7
31
vulnerability VCID-y8up-cqtu-jkdw
32
vulnerability VCID-yghg-775s-vber
33
vulnerability VCID-zgzm-wj81-jkah
34
vulnerability VCID-zjrq-np3y-hua5
35
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.7
1
url pkg:composer/moodle/moodle@3.2.4
purl pkg:composer/moodle/moodle@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-duna-st9c-mqbk
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-fegs-ubsk-63hu
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nc2j-pay7-ryab
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-yghg-775s-vber
23
vulnerability VCID-zgzm-wj81-jkah
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.4
2
url pkg:composer/moodle/moodle@3.3.1
purl pkg:composer/moodle/moodle@3.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9nd7-4wve-97hc
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-b7br-bh2d-rygp
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fegs-ubsk-63hu
13
vulnerability VCID-fygy-9njn-abgd
14
vulnerability VCID-g8ct-c4ce-zuaf
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-mmg3-7fz9-5uak
20
vulnerability VCID-nc2j-pay7-ryab
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-p2gd-7uam-mqf8
23
vulnerability VCID-q2fa-jymp-c3bb
24
vulnerability VCID-qhv1-wgpm-7fh6
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x9vd-njdz-jua9
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-yp82-zj5g-pbaf
32
vulnerability VCID-zgzm-wj81-jkah
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.1
3
url pkg:composer/moodle/moodle@3.3.2
purl pkg:composer/moodle/moodle@3.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-fygy-9njn-abgd
13
vulnerability VCID-g8ct-c4ce-zuaf
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-mmg3-7fz9-5uak
19
vulnerability VCID-nc2j-pay7-ryab
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-p2gd-7uam-mqf8
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-x9vd-njdz-jua9
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.2
aliases CVE-2017-2642, GHSA-54r2-r67g-fr9m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q2fa-jymp-c3bb
29
url VCID-qhv1-wgpm-7fh6
vulnerability_id VCID-qhv1-wgpm-7fh6
summary 
Improper Authorization
Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3849
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59366
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3849
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3849
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3849
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/427463a52574e4b3bcbe1c65c49066438770641e
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/427463a52574e4b3bcbe1c65c49066438770641e
4
reference_url https://github.com/moodle/moodle/commit/430f685834cef190bdf58afabe79e765d596890d
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/430f685834cef190bdf58afabe79e765d596890d
5
reference_url https://github.com/moodle/moodle/commit/723d1a747555b795ed53a0fad01da455797bb78f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/723d1a747555b795ed53a0fad01da455797bb78f
6
reference_url https://github.com/moodle/moodle/commit/898d5d05a0c3ae6795db0241bf3cb5951213d45c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/898d5d05a0c3ae6795db0241bf3cb5951213d45c
7
reference_url https://github.com/moodle/moodle/commit/b77dcd23d8e39265b5c096f0d947764c02d832c8
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/b77dcd23d8e39265b5c096f0d947764c02d832c8
8
reference_url https://github.com/moodle/moodle/commit/cd3060d941a051931eb2613b25bafb0108665895
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cd3060d941a051931eb2613b25bafb0108665895
9
reference_url https://github.com/moodle/moodle/commit/fba7dcd90abd45210d782a79c6e25bb3840c7438
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/fba7dcd90abd45210d782a79c6e25bb3840c7438
10
reference_url https://moodle.org/mod/forum/discuss.php?d=384012#p1547744
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384012#p1547744
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3849
reference_id CVE-2019-3849
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3849
fixed_packages
0
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
1
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
2
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3849, GHSA-5wg9-5w3f-hxmh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qhv1-wgpm-7fh6
30
url VCID-qxsq-ku22-r7gx
vulnerability_id VCID-qxsq-ku22-r7gx
summary 
URL Redirection to Untrusted Site (Open Redirect)
The form to upload cohorts contained a redirect field, which was not restricted to internal URLs.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10133
reference_id
reference_type
scores
0
value 0.00153
scoring_system epss
scoring_elements 0.35739
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10133
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10133
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10133
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/5a89ac9640b3a695720845b6ddeff65e69a289fc
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/5a89ac9640b3a695720845b6ddeff65e69a289fc
4
reference_url https://github.com/moodle/moodle/commit/a6258d0934f707b1d033f50fb41ffbcf45bb2102
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a6258d0934f707b1d033f50fb41ffbcf45bb2102
5
reference_url https://github.com/moodle/moodle/commit/c509d108216524887c7ca08b1c451054d669ea75
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/c509d108216524887c7ca08b1c451054d669ea75
6
reference_url https://github.com/moodle/moodle/commit/cd6fb4322b6b1914c05f05033a71ed060f875fd4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cd6fb4322b6b1914c05f05033a71ed060f875fd4
7
reference_url https://github.com/moodle/moodle/commit/d5067bffd230d733ad24f6aeaa56aaa17eca5bfb
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/d5067bffd230d733ad24f6aeaa56aaa17eca5bfb
8
reference_url https://moodle.org/mod/forum/discuss.php?d=386523
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=386523
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10133
reference_id CVE-2019-10133
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10133
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.18
purl pkg:composer/moodle/moodle@3.1.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-w9ca-exua-g7ar
8
vulnerability VCID-x7rg-rsb5-pya7
9
vulnerability VCID-y8up-cqtu-jkdw
10
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.18
1
url pkg:composer/moodle/moodle@3.4.9
purl pkg:composer/moodle/moodle@3.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-w9ca-exua-g7ar
8
vulnerability VCID-x7rg-rsb5-pya7
9
vulnerability VCID-y8up-cqtu-jkdw
10
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.9
2
url pkg:composer/moodle/moodle@3.5.6
purl pkg:composer/moodle/moodle@3.5.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-dpd2-1sqc-qqfy
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fskk-cb95-uqer
11
vulnerability VCID-gnez-ehgq-rfbr
12
vulnerability VCID-hhzz-hbqz-akfw
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-jcsq-3q5z-4kc6
15
vulnerability VCID-kgva-z9gg-u3dw
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-mhm4-8kuk-t7b6
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-mqde-66zm-qbbj
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-paj4-nq1r-jbd3
22
vulnerability VCID-pgfa-bkaw-q7cq
23
vulnerability VCID-w2b2-fuky-j3ff
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.6
3
url pkg:composer/moodle/moodle@3.6.4
purl pkg:composer/moodle/moodle@3.6.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-hhzz-hbqz-akfw
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-kgva-z9gg-u3dw
6
vulnerability VCID-n5tc-1k33-dfeq
7
vulnerability VCID-paj4-nq1r-jbd3
8
vulnerability VCID-w2b2-fuky-j3ff
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.4
aliases CVE-2019-10133, GHSA-5xp2-rv4h-mm2q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxsq-ku22-r7gx
31
url VCID-r6kn-b963-eqge
vulnerability_id VCID-r6kn-b963-eqge
summary 
URL Redirection to Untrusted Site (Open Redirect)
Links within assignment submission comments would open directly (in the same window). Although links themselves may be valid, opening within the same window and without the no-referrer header policy made them more susceptible to exploits.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3850
reference_id
reference_type
scores
0
value 0.00072
scoring_system epss
scoring_elements 0.22031
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3850
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3850
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3850
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/1fc481dd7b09e08e85824c1fe6733b303a36bdce
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/1fc481dd7b09e08e85824c1fe6733b303a36bdce
4
reference_url https://github.com/moodle/moodle/commit/772c908d40a944efd91d897d524b255626d330d4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/772c908d40a944efd91d897d524b255626d330d4
5
reference_url https://github.com/moodle/moodle/commit/907b377e51c32ea37feef53e10684b504e103273
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/907b377e51c32ea37feef53e10684b504e103273
6
reference_url https://github.com/moodle/moodle/commit/d3f2f990dd3c5d4e6073a77154c6423d1c304647
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/d3f2f990dd3c5d4e6073a77154c6423d1c304647
7
reference_url https://moodle.org/mod/forum/discuss.php?d=384013#p1547745
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384013#p1547745
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3850
reference_id CVE-2019-3850
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3850
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.17
purl pkg:composer/moodle/moodle@3.1.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-w9ca-exua-g7ar
11
vulnerability VCID-x7rg-rsb5-pya7
12
vulnerability VCID-y8up-cqtu-jkdw
13
vulnerability VCID-zjrq-np3y-hua5
14
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17
1
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
2
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
3
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3850, GHSA-3fj7-9j8m-7r8g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r6kn-b963-eqge
32
url VCID-s6uu-335k-yfbc
vulnerability_id VCID-s6uu-335k-yfbc
summary 
Improper Input Validation
Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3847
reference_id
reference_type
scores
0
value 0.00867
scoring_system epss
scoring_elements 0.75516
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3847
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3847
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3847
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/070f24d006eab6b958eb083530de159b43c538ed
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/070f24d006eab6b958eb083530de159b43c538ed
4
reference_url https://github.com/moodle/moodle/commit/93dda3bfd3caaaa8d23fe8ede543f27ef774958d
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/93dda3bfd3caaaa8d23fe8ede543f27ef774958d
5
reference_url https://github.com/moodle/moodle/commit/a37e26d2efe1ca0e4d8d69c611a748af35b33674
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a37e26d2efe1ca0e4d8d69c611a748af35b33674
6
reference_url https://github.com/moodle/moodle/commit/e836242e1c04cd62d0afa4a790074fd245628e7a
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/e836242e1c04cd62d0afa4a790074fd245628e7a
7
reference_url https://github.com/moodle/moodle/commit/ec3b63c772d6448765c68268234cf36c1a91bcac
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ec3b63c772d6448765c68268234cf36c1a91bcac
8
reference_url https://moodle.org/mod/forum/discuss.php?d=384010#p1547742
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384010#p1547742
9
reference_url https://web.archive.org/web/20200227082922/http://www.securityfocus.com/bid/107489
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227082922/http://www.securityfocus.com/bid/107489
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3847
reference_id CVE-2019-3847
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3847
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.17
purl pkg:composer/moodle/moodle@3.1.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-w9ca-exua-g7ar
11
vulnerability VCID-x7rg-rsb5-pya7
12
vulnerability VCID-y8up-cqtu-jkdw
13
vulnerability VCID-zjrq-np3y-hua5
14
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17
1
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
2
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
3
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3847, GHSA-qrcj-6fjw-3h9h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s6uu-335k-yfbc
33
url VCID-vfp6-4h8n-bkax
vulnerability_id VCID-vfp6-4h8n-bkax
summary 
Code Injection
Moodle is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy `drag and drop into text` (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-62880
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-62880
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14630
reference_id
reference_type
scores
0
value 0.01859
scoring_system epss
scoring_elements 0.83401
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14630
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14630
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14630
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/09cbca8566a388e8f0a1a0cfd86cd0667088ed2c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/09cbca8566a388e8f0a1a0cfd86cd0667088ed2c
5
reference_url https://github.com/moodle/moodle/commit/be092b730910ad97fff0511e177a097ec1cc4b1c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/be092b730910ad97fff0511e177a097ec1cc4b1c
6
reference_url https://github.com/moodle/moodle/commit/cb8aefa658cf7ad8f002a480343afb2dea94cc08
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cb8aefa658cf7ad8f002a480343afb2dea94cc08
7
reference_url https://github.com/moodle/moodle/commit/cfc4393aa689c277a27b9a040ff7dcbdac4e41dd
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cfc4393aa689c277a27b9a040ff7dcbdac4e41dd
8
reference_url https://github.com/moodle/moodle/commit/da1eeea0ff3d292b7669e478abc114872dd9cc8f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/da1eeea0ff3d292b7669e478abc114872dd9cc8f
9
reference_url https://moodle.org/mod/forum/discuss.php?d=376023
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=376023
10
reference_url https://seclists.org/fulldisclosure/2018/Sep/28
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2018/Sep/28
11
reference_url https://web.archive.org/web/20200227111301/https://www.securityfocus.com/bid/105354
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227111301/https://www.securityfocus.com/bid/105354
12
reference_url https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630
13
reference_url http://www.securityfocus.com/bid/105354
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105354
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14630
reference_id CVE-2018-14630
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14630
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.14
purl pkg:composer/moodle/moodle@3.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-deur-8zdf-2kh2
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-qhv1-wgpm-7fh6
13
vulnerability VCID-qxsq-ku22-r7gx
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-w9ca-exua-g7ar
17
vulnerability VCID-x7rg-rsb5-pya7
18
vulnerability VCID-y8up-cqtu-jkdw
19
vulnerability VCID-zjrq-np3y-hua5
20
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.14
1
url pkg:composer/moodle/moodle@3.3.8
purl pkg:composer/moodle/moodle@3.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-bjnq-q2nd-1khp
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zjrq-np3y-hua5
13
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.8
2
url pkg:composer/moodle/moodle@3.4.5
purl pkg:composer/moodle/moodle@3.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-bjnq-q2nd-1khp
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w9ca-exua-g7ar
16
vulnerability VCID-x7rg-rsb5-pya7
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zjrq-np3y-hua5
19
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.5
3
url pkg:composer/moodle/moodle@3.5.2
purl pkg:composer/moodle/moodle@3.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-c1a1-z5m1-nfbc
11
vulnerability VCID-deur-8zdf-2kh2
12
vulnerability VCID-dpd2-1sqc-qqfy
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fskk-cb95-uqer
15
vulnerability VCID-gnez-ehgq-rfbr
16
vulnerability VCID-hhzz-hbqz-akfw
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-jcsq-3q5z-4kc6
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgva-z9gg-u3dw
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-mhm4-8kuk-t7b6
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-mqde-66zm-qbbj
25
vulnerability VCID-nntc-dsz1-e3fp
26
vulnerability VCID-paj4-nq1r-jbd3
27
vulnerability VCID-pgfa-bkaw-q7cq
28
vulnerability VCID-qhv1-wgpm-7fh6
29
vulnerability VCID-qxsq-ku22-r7gx
30
vulnerability VCID-r6kn-b963-eqge
31
vulnerability VCID-s6uu-335k-yfbc
32
vulnerability VCID-w2b2-fuky-j3ff
33
vulnerability VCID-w9ca-exua-g7ar
34
vulnerability VCID-x7rg-rsb5-pya7
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.2
aliases CVE-2018-14630, GHSA-c3pr-h96w-2jjg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfp6-4h8n-bkax
34
url VCID-vtq4-fpr8-hudb
vulnerability_id VCID-vtq4-fpr8-hudb
summary 
Exposure of Resource to Wrong Sphere
In Moodle, searching of arbitrary blogs is possible because a capability check is missing.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7490
reference_id
reference_type
scores
0
value 0.00295
scoring_system epss
scoring_elements 0.53036
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7490
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=352354
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=352354
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7490
reference_id CVE-2017-7490
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7490
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.5
purl pkg:composer/moodle/moodle@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.5
1
url pkg:composer/moodle/moodle@3.1.6
purl pkg:composer/moodle/moodle@3.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.6
2
url pkg:composer/moodle/moodle@3.2.3
purl pkg:composer/moodle/moodle@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-duna-st9c-mqbk
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-fegs-ubsk-63hu
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nc2j-pay7-ryab
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-q2fa-jymp-c3bb
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-yghg-775s-vber
24
vulnerability VCID-yp82-zj5g-pbaf
25
vulnerability VCID-zgzm-wj81-jkah
26
vulnerability VCID-zjrq-np3y-hua5
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.3
aliases CVE-2017-7490, GHSA-9x63-m3cc-qf3g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtq4-fpr8-hudb
35
url VCID-w9ca-exua-g7ar
vulnerability_id VCID-w9ca-exua-g7ar
summary 
Improper Access Control
Teachers in a quiz group could modify group overrides for other groups in the same quiz.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10188
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36022
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10188
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=388569
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388569
4
reference_url http://www.securityfocus.com/bid/109178
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/109178
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10188
reference_id CVE-2019-10188
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10188
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10188, GHSA-92q5-2h76-vgmj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9ca-exua-g7ar
36
url VCID-x7rg-rsb5-pya7
vulnerability_id VCID-x7rg-rsb5-pya7
summary 
Improper Access Control
Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10187
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36022
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10187
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=388568#p1566330
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388568#p1566330
4
reference_url http://www.securityfocus.com/bid/109174
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/109174
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10187
reference_id CVE-2019-10187
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10187
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10187, GHSA-2mg9-hv69-897x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x7rg-rsb5-pya7
37
url VCID-x927-nh46-7fdy
vulnerability_id VCID-x927-nh46-7fdy
summary 
Cross-site Scripting
In Moodle, an XSS can occur via attachments to evidence of prior learning.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2645
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52121
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2645
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=349422
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=349422
3
reference_url http://www.securityfocus.com/bid/96982
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/96982
4
reference_url http://www.securitytracker.com/id/1038174
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038174
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2645
reference_id CVE-2017-2645
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2645
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.5
purl pkg:composer/moodle/moodle@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.5
1
url pkg:composer/moodle/moodle@3.2.2
purl pkg:composer/moodle/moodle@3.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-9nd7-4wve-97hc
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-b1q7-u3cx-ukej
8
vulnerability VCID-b7br-bh2d-rygp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fegs-ubsk-63hu
13
vulnerability VCID-g8ct-c4ce-zuaf
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nc2j-pay7-ryab
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-q2fa-jymp-c3bb
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-vtq4-fpr8-hudb
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-yp82-zj5g-pbaf
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.2
aliases CVE-2017-2645, GHSA-9cg4-4f87-jhm3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x927-nh46-7fdy
38
url VCID-y8up-cqtu-jkdw
vulnerability_id VCID-y8up-cqtu-jkdw
summary 
Cross-site Scripting
Persistent XSS in `/course/modedit.php` of Moodle allows authenticated users (Teacher) to inject JavaScript into the session of another user (e.g., enrolled student or site administrator) via the `introeditor[text]` parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18210
reference_id
reference_type
scores
0
value 0.0044
scoring_system epss
scoring_elements 0.63483
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18210
1
reference_url https://docs.moodle.org/38/en/Teacher_role
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.moodle.org/38/en/Teacher_role
2
reference_url https://gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18210
reference_id CVE-2019-18210
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18210
fixed_packages
0
url pkg:composer/moodle/moodle@3.7.3
purl pkg:composer/moodle/moodle@3.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-c14d-1sa2-rkf6
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-fskk-cb95-uqer
8
vulnerability VCID-hhzz-hbqz-akfw
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-jcsq-3q5z-4kc6
11
vulnerability VCID-kgva-z9gg-u3dw
12
vulnerability VCID-paj4-nq1r-jbd3
13
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.3
aliases CVE-2019-18210, GHSA-q6vw-27c6-jv9c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8up-cqtu-jkdw
39
url VCID-yghg-775s-vber
vulnerability_id VCID-yghg-775s-vber
summary 
Server-Side Request Forgery (SSRF)
Moodle has Server Side Request Forgery in the `filepicker`.
references
0
reference_url http://packetstormsecurity.com/files/153766/Moodle-Filepicker-3.5.2-Server-Side-Request-Forgery.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/153766/Moodle-Filepicker-3.5.2-Server-Side-Request-Forgery.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1042
reference_id
reference_type
scores
0
value 0.12866
scoring_system epss
scoring_elements 0.94175
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1042
2
reference_url https://github.com/moodle/moodle/commit/f1d1a60e0ac8549c08e66062f3cd0110e4a92e24
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/f1d1a60e0ac8549c08e66062f3cd0110e4a92e24
3
reference_url https://moodle.org/mod/forum/discuss.php?d=364381
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=364381
4
reference_url https://web.archive.org/web/20210124134113/http://www.securityfocus.com/bid/102752
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124134113/http://www.securityfocus.com/bid/102752
5
reference_url http://www.securityfocus.com/bid/102752
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102752
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47177.txt
reference_id CVE-2018-1042
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47177.txt
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1042
reference_id CVE-2018-1042
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1042
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.10
purl pkg:composer/moodle/moodle@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-p2gd-7uam-mqf8
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qxsq-ku22-r7gx
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10
1
url pkg:composer/moodle/moodle@3.2.7
purl pkg:composer/moodle/moodle@3.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-m4zv-e3dn-budf
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-p2gd-7uam-mqf8
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7
2
url pkg:composer/moodle/moodle@3.3.4
purl pkg:composer/moodle/moodle@3.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-fygy-9njn-abgd
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-mmg3-7fz9-5uak
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-x9vd-njdz-jua9
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4
3
url pkg:composer/moodle/moodle@3.4.1
purl pkg:composer/moodle/moodle@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-fygy-9njn-abgd
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-mmg3-7fz9-5uak
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-qxsq-ku22-r7gx
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s6uu-335k-yfbc
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x9vd-njdz-jua9
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1
aliases CVE-2018-1042, GHSA-qqjv-mc2v-p7mc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yghg-775s-vber
40
url VCID-yp82-zj5g-pbaf
vulnerability_id VCID-yp82-zj5g-pbaf
summary 
Improper Privilege Management
Course creators are able to change system default settings for courses.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7532
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.26406
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7532
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://github.com/moodle/moodle/commit/6e861be6b7d49c5ac4583ae46762a28ede5785ad
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/6e861be6b7d49c5ac4583ae46762a28ede5785ad
3
reference_url https://github.com/moodle/moodle/commit/915f801546a5c3618feab897072c985abfce57df
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/915f801546a5c3618feab897072c985abfce57df
4
reference_url https://moodle.org/mod/forum/discuss.php?d=355556
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=355556
5
reference_url https://web.archive.org/web/20210614032706/http://www.securityfocus.com/bid/99617
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210614032706/http://www.securityfocus.com/bid/99617
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7532
reference_id CVE-2017-7532
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7532
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.7
purl pkg:composer/moodle/moodle@3.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-qhv1-wgpm-7fh6
25
vulnerability VCID-qxsq-ku22-r7gx
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s6uu-335k-yfbc
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-w9ca-exua-g7ar
30
vulnerability VCID-x7rg-rsb5-pya7
31
vulnerability VCID-y8up-cqtu-jkdw
32
vulnerability VCID-yghg-775s-vber
33
vulnerability VCID-zgzm-wj81-jkah
34
vulnerability VCID-zjrq-np3y-hua5
35
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.7
1
url pkg:composer/moodle/moodle@3.2.4
purl pkg:composer/moodle/moodle@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-duna-st9c-mqbk
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-fegs-ubsk-63hu
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nc2j-pay7-ryab
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-w9ca-exua-g7ar
20
vulnerability VCID-x7rg-rsb5-pya7
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-yghg-775s-vber
23
vulnerability VCID-zgzm-wj81-jkah
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.4
2
url pkg:composer/moodle/moodle@3.3.1
purl pkg:composer/moodle/moodle@3.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9nd7-4wve-97hc
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-b7br-bh2d-rygp
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fegs-ubsk-63hu
13
vulnerability VCID-fygy-9njn-abgd
14
vulnerability VCID-g8ct-c4ce-zuaf
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-mmg3-7fz9-5uak
20
vulnerability VCID-nc2j-pay7-ryab
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-p2gd-7uam-mqf8
23
vulnerability VCID-q2fa-jymp-c3bb
24
vulnerability VCID-qhv1-wgpm-7fh6
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x9vd-njdz-jua9
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-yp82-zj5g-pbaf
32
vulnerability VCID-zgzm-wj81-jkah
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.1
3
url pkg:composer/moodle/moodle@3.3.2
purl pkg:composer/moodle/moodle@3.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-fygy-9njn-abgd
13
vulnerability VCID-g8ct-c4ce-zuaf
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-mmg3-7fz9-5uak
19
vulnerability VCID-nc2j-pay7-ryab
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-p2gd-7uam-mqf8
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-x9vd-njdz-jua9
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.2
aliases CVE-2017-7532, GHSA-jjhx-5jff-rc8m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yp82-zj5g-pbaf
41
url VCID-zgzm-wj81-jkah
vulnerability_id VCID-zgzm-wj81-jkah
summary 
Cross-site Scripting
Moodle has an XSS in the contact form on the "non-respondents" page in non-anonymous feedback.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12156
reference_id
reference_type
scores
0
value 0.00174
scoring_system epss
scoring_elements 0.38511
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12156
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://github.com/moodle/moodle/commit/a39d2976fe5e91da7a28a8512d5b94d4a27067b8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a39d2976fe5e91da7a28a8512d5b94d4a27067b8
3
reference_url https://moodle.org/mod/forum/discuss.php?d=358585
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=358585
4
reference_url https://web.archive.org/web/20210124104026/http://www.securityfocus.com/bid/100867
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124104026/http://www.securityfocus.com/bid/100867
5
reference_url http://www.securityfocus.com/bid/100867
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100867
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12156
reference_id CVE-2017-12156
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12156
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.8
purl pkg:composer/moodle/moodle@3.1.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9t4u-n1pn-w3bd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-b7br-bh2d-rygp
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-ckg1-9vpt-yfdk
11
vulnerability VCID-deur-8zdf-2kh2
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fegs-ubsk-63hu
15
vulnerability VCID-g8ct-c4ce-zuaf
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-p2gd-7uam-mqf8
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-r6kn-b963-eqge
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-w9ca-exua-g7ar
29
vulnerability VCID-x7rg-rsb5-pya7
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zgzm-wj81-jkah
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.8
1
url pkg:composer/moodle/moodle@3.1.9
purl pkg:composer/moodle/moodle@3.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-b7br-bh2d-rygp
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-deur-8zdf-2kh2
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fegs-ubsk-63hu
14
vulnerability VCID-g8ct-c4ce-zuaf
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-p2gd-7uam-mqf8
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-qxsq-ku22-r7gx
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.9
2
url pkg:composer/moodle/moodle@3.2.0-beta
purl pkg:composer/moodle/moodle@3.2.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-qhv1-wgpm-7fh6
8
vulnerability VCID-w9ca-exua-g7ar
9
vulnerability VCID-x7rg-rsb5-pya7
10
vulnerability VCID-y8up-cqtu-jkdw
11
vulnerability VCID-zjrq-np3y-hua5
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.0-beta
3
url pkg:composer/moodle/moodle@3.2.5
purl pkg:composer/moodle/moodle@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-ckg1-9vpt-yfdk
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-g8ct-c4ce-zuaf
10
vulnerability VCID-jcq6-btgz-fkf6
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-m4zv-e3dn-budf
13
vulnerability VCID-mkfz-e1ft-2bcw
14
vulnerability VCID-nc2j-pay7-ryab
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-p2gd-7uam-mqf8
17
vulnerability VCID-qhv1-wgpm-7fh6
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zgzm-wj81-jkah
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.5
4
url pkg:composer/moodle/moodle@3.2.6
purl pkg:composer/moodle/moodle@3.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-b7br-bh2d-rygp
4
vulnerability VCID-ckg1-9vpt-yfdk
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-fegs-ubsk-63hu
8
vulnerability VCID-g8ct-c4ce-zuaf
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nc2j-pay7-ryab
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-p2gd-7uam-mqf8
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.6
5
url pkg:composer/moodle/moodle@3.3.0-beta
purl pkg:composer/moodle/moodle@3.3.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-qhv1-wgpm-7fh6
8
vulnerability VCID-w9ca-exua-g7ar
9
vulnerability VCID-x7rg-rsb5-pya7
10
vulnerability VCID-y8up-cqtu-jkdw
11
vulnerability VCID-zjrq-np3y-hua5
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.0-beta
6
url pkg:composer/moodle/moodle@3.3.2
purl pkg:composer/moodle/moodle@3.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-fygy-9njn-abgd
13
vulnerability VCID-g8ct-c4ce-zuaf
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-mmg3-7fz9-5uak
19
vulnerability VCID-nc2j-pay7-ryab
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-p2gd-7uam-mqf8
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-x9vd-njdz-jua9
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.2
7
url pkg:composer/moodle/moodle@3.3.3
purl pkg:composer/moodle/moodle@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-fygy-9njn-abgd
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-m4zv-e3dn-budf
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-mmg3-7fz9-5uak
18
vulnerability VCID-nc2j-pay7-ryab
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-w9ca-exua-g7ar
24
vulnerability VCID-x7rg-rsb5-pya7
25
vulnerability VCID-x9vd-njdz-jua9
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.3
aliases CVE-2017-12156, GHSA-7mfw-g8x4-rq2w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zgzm-wj81-jkah
42
url VCID-zjrq-np3y-hua5
vulnerability_id VCID-zjrq-np3y-hua5
summary 
Information Exposure
Permissions were not correctly checked before loading event information into the calendar's edit event modal popup, so logged in non-guest users could view unauthorised calendar events.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3848
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.32374
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3848
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3848
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3848
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=384011#p1547743
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384011#p1547743
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3848
reference_id CVE-2019-3848
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3848
fixed_packages
0
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
1
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
2
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3848, GHSA-45rw-4r25-jvg7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zjrq-np3y-hua5
43
url VCID-zwkk-zazw-6fgg
vulnerability_id VCID-zwkk-zazw-6fgg
summary 
Improper Validation of Integrity Check Value
It was found in Moodle that a insufficient capability checks in some grade related web services meant students were able to view other students grades.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20184
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.34896
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20184
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417167
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417167
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20184
reference_id CVE-2021-20184
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20184
fixed_packages
0
url pkg:composer/moodle/moodle@3.8.7
purl pkg:composer/moodle/moodle@3.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7
1
url pkg:composer/moodle/moodle@3.9.4
purl pkg:composer/moodle/moodle@3.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4
2
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
aliases CVE-2021-20184, GHSA-mm73-86f9-5x5c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwkk-zazw-6fgg
Fixing_vulnerabilities
0
url VCID-65y9-9ur2-pugc
vulnerability_id VCID-65y9-9ur2-pugc
summary 
Improper Input Validation
There is incorrect sanitization of attributes in forums.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2576
reference_id
reference_type
scores
0
value 0.00289
scoring_system epss
scoring_elements 0.5258
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2576
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=345912
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=345912
3
reference_url http://www.securityfocus.com/bid/95649
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/95649
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2576
reference_id CVE-2017-2576
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2576
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.18
purl pkg:composer/moodle/moodle@2.7.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-dhku-uah4-ykh8
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-jcq6-btgz-fkf6
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-r6kn-b963-eqge
18
vulnerability VCID-s6uu-335k-yfbc
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-vtq4-fpr8-hudb
21
vulnerability VCID-w9ca-exua-g7ar
22
vulnerability VCID-x7rg-rsb5-pya7
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-yghg-775s-vber
25
vulnerability VCID-zjrq-np3y-hua5
26
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.18
1
url pkg:composer/moodle/moodle@2.9.0-beta
purl pkg:composer/moodle/moodle@2.9.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k1bh-ymgt-e7cd
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta
2
url pkg:composer/moodle/moodle@3.0.0-beta
purl pkg:composer/moodle/moodle@3.0.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k1bh-ymgt-e7cd
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.0-beta
3
url pkg:composer/moodle/moodle@3.0.8
purl pkg:composer/moodle/moodle@3.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-9nd7-4wve-97hc
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-dhku-uah4-ykh8
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k73h-z6j8-gkgz
13
vulnerability VCID-m3np-aebb-8qaa
14
vulnerability VCID-m4zv-e3dn-budf
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-qhv1-wgpm-7fh6
18
vulnerability VCID-r6kn-b963-eqge
19
vulnerability VCID-s6uu-335k-yfbc
20
vulnerability VCID-vfp6-4h8n-bkax
21
vulnerability VCID-vtq4-fpr8-hudb
22
vulnerability VCID-w9ca-exua-g7ar
23
vulnerability VCID-x7rg-rsb5-pya7
24
vulnerability VCID-y8up-cqtu-jkdw
25
vulnerability VCID-yghg-775s-vber
26
vulnerability VCID-zgzm-wj81-jkah
27
vulnerability VCID-zjrq-np3y-hua5
28
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.8
4
url pkg:composer/moodle/moodle@3.1.4
purl pkg:composer/moodle/moodle@3.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-336n-hpzg-euhd
3
vulnerability VCID-4rz2-b4e3-87g5
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8mgr-gdzj-4ybs
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-9t4u-n1pn-w3bd
9
vulnerability VCID-a6pb-47tu-afcg
10
vulnerability VCID-ajkr-fxa1-mkhk
11
vulnerability VCID-b7br-bh2d-rygp
12
vulnerability VCID-bjnq-q2nd-1khp
13
vulnerability VCID-ckg1-9vpt-yfdk
14
vulnerability VCID-deur-8zdf-2kh2
15
vulnerability VCID-dhku-uah4-ykh8
16
vulnerability VCID-duna-st9c-mqbk
17
vulnerability VCID-eu27-a3px-87ed
18
vulnerability VCID-fegs-ubsk-63hu
19
vulnerability VCID-g8ct-c4ce-zuaf
20
vulnerability VCID-jcq6-btgz-fkf6
21
vulnerability VCID-jn5n-6hg9-tyf7
22
vulnerability VCID-k73h-z6j8-gkgz
23
vulnerability VCID-m3np-aebb-8qaa
24
vulnerability VCID-m4zv-e3dn-budf
25
vulnerability VCID-mkfz-e1ft-2bcw
26
vulnerability VCID-nntc-dsz1-e3fp
27
vulnerability VCID-p2gd-7uam-mqf8
28
vulnerability VCID-q2fa-jymp-c3bb
29
vulnerability VCID-qhv1-wgpm-7fh6
30
vulnerability VCID-qxsq-ku22-r7gx
31
vulnerability VCID-r6kn-b963-eqge
32
vulnerability VCID-s6uu-335k-yfbc
33
vulnerability VCID-vfp6-4h8n-bkax
34
vulnerability VCID-vtq4-fpr8-hudb
35
vulnerability VCID-w9ca-exua-g7ar
36
vulnerability VCID-x7rg-rsb5-pya7
37
vulnerability VCID-x927-nh46-7fdy
38
vulnerability VCID-y8up-cqtu-jkdw
39
vulnerability VCID-yghg-775s-vber
40
vulnerability VCID-yp82-zj5g-pbaf
41
vulnerability VCID-zgzm-wj81-jkah
42
vulnerability VCID-zjrq-np3y-hua5
43
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.4
5
url pkg:composer/moodle/moodle@3.2.1
purl pkg:composer/moodle/moodle@3.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2qjr-wjh1-8fh6
2
vulnerability VCID-2s6b-tp6p-gue1
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-b7br-bh2d-rygp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fegs-ubsk-63hu
14
vulnerability VCID-g8ct-c4ce-zuaf
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-jn5n-6hg9-tyf7
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nc2j-pay7-ryab
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-p2gd-7uam-mqf8
23
vulnerability VCID-q2fa-jymp-c3bb
24
vulnerability VCID-qhv1-wgpm-7fh6
25
vulnerability VCID-vtq4-fpr8-hudb
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x927-nh46-7fdy
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-yp82-zj5g-pbaf
32
vulnerability VCID-zgzm-wj81-jkah
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.1
aliases CVE-2017-2576, GHSA-cjrf-xg77-chpw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-65y9-9ur2-pugc
1
url VCID-e2zc-7ujn-wybu
vulnerability_id VCID-e2zc-7ujn-wybu
summary 
Cross-site Scripting
There is XSS in the assignment submission page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2578
reference_id
reference_type
scores
0
value 0.00247
scoring_system epss
scoring_elements 0.48107
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2578
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=345915
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=345915
3
reference_url http://www.securityfocus.com/bid/95647
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/95647
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2578
reference_id CVE-2017-2578
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2578
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.4
purl pkg:composer/moodle/moodle@3.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-336n-hpzg-euhd
3
vulnerability VCID-4rz2-b4e3-87g5
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8mgr-gdzj-4ybs
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-9t4u-n1pn-w3bd
9
vulnerability VCID-a6pb-47tu-afcg
10
vulnerability VCID-ajkr-fxa1-mkhk
11
vulnerability VCID-b7br-bh2d-rygp
12
vulnerability VCID-bjnq-q2nd-1khp
13
vulnerability VCID-ckg1-9vpt-yfdk
14
vulnerability VCID-deur-8zdf-2kh2
15
vulnerability VCID-dhku-uah4-ykh8
16
vulnerability VCID-duna-st9c-mqbk
17
vulnerability VCID-eu27-a3px-87ed
18
vulnerability VCID-fegs-ubsk-63hu
19
vulnerability VCID-g8ct-c4ce-zuaf
20
vulnerability VCID-jcq6-btgz-fkf6
21
vulnerability VCID-jn5n-6hg9-tyf7
22
vulnerability VCID-k73h-z6j8-gkgz
23
vulnerability VCID-m3np-aebb-8qaa
24
vulnerability VCID-m4zv-e3dn-budf
25
vulnerability VCID-mkfz-e1ft-2bcw
26
vulnerability VCID-nntc-dsz1-e3fp
27
vulnerability VCID-p2gd-7uam-mqf8
28
vulnerability VCID-q2fa-jymp-c3bb
29
vulnerability VCID-qhv1-wgpm-7fh6
30
vulnerability VCID-qxsq-ku22-r7gx
31
vulnerability VCID-r6kn-b963-eqge
32
vulnerability VCID-s6uu-335k-yfbc
33
vulnerability VCID-vfp6-4h8n-bkax
34
vulnerability VCID-vtq4-fpr8-hudb
35
vulnerability VCID-w9ca-exua-g7ar
36
vulnerability VCID-x7rg-rsb5-pya7
37
vulnerability VCID-x927-nh46-7fdy
38
vulnerability VCID-y8up-cqtu-jkdw
39
vulnerability VCID-yghg-775s-vber
40
vulnerability VCID-yp82-zj5g-pbaf
41
vulnerability VCID-zgzm-wj81-jkah
42
vulnerability VCID-zjrq-np3y-hua5
43
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.4
1
url pkg:composer/moodle/moodle@3.2.1
purl pkg:composer/moodle/moodle@3.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2qjr-wjh1-8fh6
2
vulnerability VCID-2s6b-tp6p-gue1
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-b7br-bh2d-rygp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fegs-ubsk-63hu
14
vulnerability VCID-g8ct-c4ce-zuaf
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-jn5n-6hg9-tyf7
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nc2j-pay7-ryab
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-p2gd-7uam-mqf8
23
vulnerability VCID-q2fa-jymp-c3bb
24
vulnerability VCID-qhv1-wgpm-7fh6
25
vulnerability VCID-vtq4-fpr8-hudb
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x927-nh46-7fdy
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-yp82-zj5g-pbaf
32
vulnerability VCID-zgzm-wj81-jkah
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.1
aliases CVE-2017-2578, GHSA-6r76-f8c8-fh7p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e2zc-7ujn-wybu
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.4