Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/60942?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/60942?format=api", "purl": "pkg:composer/moodle/moodle@2.6.0", "type": "composer", "namespace": "moodle", "name": "moodle", "version": "2.6.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "3.9.17", "latest_non_vulnerable_version": "5.1.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10937?format=api", "vulnerability_id": "VCID-1nd2-ew9g-tfek", "summary": "Cross-site Scripting\nMultiple cross-site scripting (XSS) vulnerabilities in `auth/db/auth.php` in Moodle allow remote attackers to inject arbitrary web script or HTML via an external DB profile field.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50705", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50705" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2152", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44992", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2152" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/3b214760fb51ae2b0c85bbb2b272b9bc7c164657", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3b214760fb51ae2b0c85bbb2b272b9bc7c164657" }, { "reference_url": "https://github.com/moodle/moodle/commit/4db8407d3eaba17a8d3f81957b8e93e9f2554055", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4db8407d3eaba17a8d3f81957b8e93e9f2554055" }, { "reference_url": "https://github.com/moodle/moodle/commit/4ee7394c8bfa95a63428385b542c2066cd2d8ea1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4ee7394c8bfa95a63428385b542c2066cd2d8ea1" }, { "reference_url": "https://github.com/moodle/moodle/commit/54d6ee8c0874d72705ffa4c7c17d7c90bc16c897", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/54d6ee8c0874d72705ffa4c7c17d7c90bc16c897" }, { "reference_url": "https://github.com/moodle/moodle/commit/61da84e4148aa1de83a6389eb77abf3bbf09a349", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/61da84e4148aa1de83a6389eb77abf3bbf09a349" }, { "reference_url": "https://github.com/moodle/moodle/commit/82d0c0b5218e9ceb35a4e24b4a4e1e2e9cfc840c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/82d0c0b5218e9ceb35a4e24b4a4e1e2e9cfc840c" }, { "reference_url": "https://github.com/moodle/moodle/commit/ce597604763272396e5cb8ec93859a8568020b8b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ce597604763272396e5cb8ec93859a8568020b8b" }, { "reference_url": "https://github.com/moodle/moodle/commit/d9d8e9c3fe92c5f25e319a38fe5617088965ad20", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d9d8e9c3fe92c5f25e319a38fe5617088965ad20" }, { "reference_url": "https://github.com/moodle/moodle/commit/f4fcb1c4f76488d4571d3d265efce3813676c45d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f4fcb1c4f76488d4571d3d265efce3813676c45d" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=330174", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=330174" }, { "reference_url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2152", "reference_id": "CVE-2016-2152", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2152" }, { "reference_url": "https://github.com/advisories/GHSA-6mxm-wpqv-675h", "reference_id": "GHSA-6mxm-wpqv-675h", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6mxm-wpqv-675h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94776?format=api", "purl": "pkg:composer/moodle/moodle@2.7.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/51641?format=api", "purl": "pkg:composer/moodle/moodle@2.7.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/51642?format=api", "purl": "pkg:composer/moodle/moodle@2.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51643?format=api", "purl": "pkg:composer/moodle/moodle@2.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/51644?format=api", "purl": "pkg:composer/moodle/moodle@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3" } ], "aliases": [ "CVE-2016-2152", "GHSA-6mxm-wpqv-675h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1nd2-ew9g-tfek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16223?format=api", "vulnerability_id": "VCID-1sz2-61r8-eugj", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nmessage/index.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 does not consider the moodle/site:readallmessages capability before accessing arbitrary conversations, which allows remote authenticated users to obtain sensitive personal-contact and unread-message-count information via a modified URL.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49204", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49204" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/03/16/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/03/16/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41855", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2266" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2924ba1c73f9ed3d525987807f9d289b3eb38154", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2924ba1c73f9ed3d525987807f9d289b3eb38154" }, { "reference_url": "https://github.com/moodle/moodle/commit/553319be03c4ef8e62499841c8d5d94c6786ed6d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/553319be03c4ef8e62499841c8d5d94c6786ed6d" }, { "reference_url": "https://github.com/moodle/moodle/commit/c35df119a560e22d9e17f833b736b710b96431d9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c35df119a560e22d9e17f833b736b710b96431d9" }, { "reference_url": "https://github.com/moodle/moodle/commit/eb45017b61e35bcab8c35e2c544b1e4144ca1f16", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/eb45017b61e35bcab8c35e2c544b1e4144ca1f16" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=307380", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=307380" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2266", "reference_id": "CVE-2015-2266", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2266" }, { "reference_url": "https://github.com/advisories/GHSA-35pr-gqm6-r366", "reference_id": "GHSA-35pr-gqm6-r366", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-35pr-gqm6-r366" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61020?format=api", "purl": "pkg:composer/moodle/moodle@2.6.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/61021?format=api", "purl": "pkg:composer/moodle/moodle@2.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/61022?format=api", "purl": "pkg:composer/moodle/moodle@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.4" } ], "aliases": [ "CVE-2015-2266", "GHSA-35pr-gqm6-r366" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1sz2-61r8-eugj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15233?format=api", "vulnerability_id": "VCID-2et6-3ejg-27b8", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nIt was possible for a student to view their quiz grade before it had been released, using a quiz web service. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56172", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32473" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=422307", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=422307" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32473", "reference_id": "CVE-2021-32473", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32473" }, { "reference_url": "https://github.com/advisories/GHSA-wx87-h539-4775", "reference_id": "GHSA-wx87-h539-4775", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wx87-h539-4775" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59910?format=api", "purl": "pkg:composer/moodle/moodle@3.5.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/58604?format=api", "purl": "pkg:composer/moodle/moodle@3.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/59911?format=api", "purl": "pkg:composer/moodle/moodle@3.9.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-k253-m5ud-8bgc" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/59912?format=api", "purl": "pkg:composer/moodle/moodle@3.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-k253-m5ud-8bgc" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.4" } ], "aliases": [ "CVE-2021-32473", "GHSA-wx87-h539-4775" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2et6-3ejg-27b8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15891?format=api", "vulnerability_id": "VCID-2mvc-d6w1-eqdw", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in mod/quiz/report/statistics/statistics_question_table.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a crafted quiz response.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49364", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49364" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/03/16/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/03/16/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2273", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.4329", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2273" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/71aeb8a9cb4cf06f0b4aa49daf527e5c866db30e", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/71aeb8a9cb4cf06f0b4aa49daf527e5c866db30e" }, { "reference_url": "https://github.com/moodle/moodle/commit/8b6fcfa958204c6f26c410b9a9757612b326b6c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8b6fcfa958204c6f26c410b9a9757612b326b6c7" }, { "reference_url": "https://github.com/moodle/moodle/commit/ceab40d186e241a9c239392954c6afdc3e2c3a4f", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ceab40d186e241a9c239392954c6afdc3e2c3a4f" }, { "reference_url": "https://github.com/moodle/moodle/commit/f1fb96b698876bece46e8606b3c6c78889265e2b", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f1fb96b698876bece46e8606b3c6c78889265e2b" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=307387", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=307387" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2273", "reference_id": "CVE-2015-2273", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2273" }, { "reference_url": "https://github.com/advisories/GHSA-w77v-xpxr-c6pv", "reference_id": "GHSA-w77v-xpxr-c6pv", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w77v-xpxr-c6pv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61020?format=api", "purl": "pkg:composer/moodle/moodle@2.6.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/61021?format=api", "purl": "pkg:composer/moodle/moodle@2.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/61022?format=api", "purl": "pkg:composer/moodle/moodle@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.4" } ], "aliases": [ "CVE-2015-2273", "GHSA-w77v-xpxr-c6pv" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2mvc-d6w1-eqdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15866?format=api", "vulnerability_id": "VCID-2p3q-vvfc-tkc5", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in badges/renderer.php in Moodle 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via an external badge.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46042", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46042" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.5217", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3547" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0174a0a57f6d84e240dd0bc0df0ffa63c3cc5a88", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0174a0a57f6d84e240dd0bc0df0ffa63c3cc5a88" }, { "reference_url": "https://github.com/moodle/moodle/commit/200a2b7fad3f7ef92b3171a07d68df6958d842b7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/200a2b7fad3f7ef92b3171a07d68df6958d842b7" }, { "reference_url": "https://github.com/moodle/moodle/commit/9eef6b5237520f0cb9874564e577c64e3a831987", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/9eef6b5237520f0cb9874564e577c64e3a831987" }, { "reference_url": "https://github.com/moodle/moodle/commit/ea76b652fc4f3600403a61e54f198cc8570a4234", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ea76b652fc4f3600403a61e54f198cc8570a4234" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264269", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=264269" }, { "reference_url": "http://www.securityfocus.com/bid/68758", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/68758" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3547", "reference_id": "CVE-2014-3547", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3547" }, { "reference_url": "https://github.com/advisories/GHSA-hwjv-mc78-cccj", "reference_id": "GHSA-hwjv-mc78-cccj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hwjv-mc78-cccj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60960?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/60961?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3547", "GHSA-hwjv-mc78-cccj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2p3q-vvfc-tkc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16271?format=api", "vulnerability_id": "VCID-2uvy-712n-x3hp", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nmod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 sets a certain group ID to zero upon a database-entry change, which allows remote authenticated users to obtain sensitive information by accessing the database after an edit by a teacher.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47697", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47697" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50913", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7833" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2c639e85a32aaef4a9978e5ca139fb74ca5d6ae4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2c639e85a32aaef4a9978e5ca139fb74ca5d6ae4" }, { "reference_url": "https://github.com/moodle/moodle/commit/3e312a16f48dd8e8b230cb71e64295ee54992f80", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3e312a16f48dd8e8b230cb71e64295ee54992f80" }, { "reference_url": "https://github.com/moodle/moodle/commit/c4a6c65c1bd8536484a9e53e62d3867081dedd6b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c4a6c65c1bd8536484a9e53e62d3867081dedd6b" }, { "reference_url": "https://github.com/moodle/moodle/commit/cc375a22b95b2e0f927a21ffd97c06f2276d8c14", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/cc375a22b95b2e0f927a21ffd97c06f2276d8c14" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275155", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275155" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7833", "reference_id": "CVE-2014-7833", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7833" }, { "reference_url": "https://github.com/advisories/GHSA-jq7x-gm9r-v8m7", "reference_id": "GHSA-jq7x-gm9r-v8m7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jq7x-gm9r-v8m7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7833", "GHSA-jq7x-gm9r-v8m7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2uvy-712n-x3hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16253?format=api", "vulnerability_id": "VCID-2vj9-tagd-yug8", "summary": "Moodle allows attackers to bypass a forced-password-change requirement\nlogin/token.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass a forced-password-change requirement by creating a web-services token.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48691", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48691" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2272", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52001", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2272" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0899c0adc036e34e0c37ea1a8d3551610cdb4233", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0899c0adc036e34e0c37ea1a8d3551610cdb4233" }, { "reference_url": "https://github.com/moodle/moodle/commit/6e284d55b234287169f21e6ef8a9a237d6eedfe4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/6e284d55b234287169f21e6ef8a9a237d6eedfe4" }, { "reference_url": "https://github.com/moodle/moodle/commit/b0abcbda170b57649e0ed39ac5aca91dbc30337f", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b0abcbda170b57649e0ed39ac5aca91dbc30337f" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=307386", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=307386" }, { "reference_url": "https://web.archive.org/web/20200227182455/http://www.securityfocus.com/bid/73166", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227182455/http://www.securityfocus.com/bid/73166" }, { "reference_url": "http://www.securityfocus.com/bid/73166", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/73166" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2272", "reference_id": "CVE-2015-2272", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2272" }, { "reference_url": "https://github.com/advisories/GHSA-5659-g9p4-354f", "reference_id": "GHSA-5659-g9p4-354f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5659-g9p4-354f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61020?format=api", "purl": "pkg:composer/moodle/moodle@2.6.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/61021?format=api", "purl": "pkg:composer/moodle/moodle@2.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/61022?format=api", "purl": "pkg:composer/moodle/moodle@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.4" } ], "aliases": [ "CVE-2015-2272", "GHSA-5659-g9p4-354f" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vj9-tagd-yug8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15925?format=api", "vulnerability_id": "VCID-35zs-xvs1-dke3", "summary": "Moodle allows attackers to bypass a messaging-disabled setting\nmessage/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to bypass a messaging-disabled setting via a web-services request, as demonstrated by a people-search request.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48329", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48329" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/01/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/01/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.42963", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0214" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/436bbf8975f0daef329c6483ec595dbf9b39ee56", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/436bbf8975f0daef329c6483ec595dbf9b39ee56" }, { "reference_url": "https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90" }, { "reference_url": "https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6" }, { "reference_url": "https://github.com/moodle/moodle/commits/v2.6.7#:~:text=MDL%2D48106%20mod_glossary%3A%20Add%20missing%20sesskey%20checks", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commits/v2.6.7#:~:text=MDL%2D48106%20mod_glossary%3A%20Add%20missing%20sesskey%20checks" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=278614", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=278614" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0214", "reference_id": "CVE-2015-0214", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0214" }, { "reference_url": "https://github.com/advisories/GHSA-4jm2-c9jr-6prf", "reference_id": "GHSA-4jm2-c9jr-6prf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4jm2-c9jr-6prf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61064?format=api", "purl": "pkg:composer/moodle/moodle@2.6.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/61065?format=api", "purl": "pkg:composer/moodle/moodle@2.7.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/61066?format=api", "purl": "pkg:composer/moodle/moodle@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2" } ], "aliases": [ "CVE-2015-0214", "GHSA-4jm2-c9jr-6prf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35zs-xvs1-dke3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12078?format=api", "vulnerability_id": "VCID-3gup-tvzm-z7dt", "summary": "Cross-site Scripting\nMoodle is vulnerable to XSS via a calendar event name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1045", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46975", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1045" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=364384", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=364384" }, { "reference_url": "https://web.archive.org/web/20210124134120/http://www.securityfocus.com/bid/102755", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124134120/http://www.securityfocus.com/bid/102755" }, { "reference_url": "http://www.securityfocus.com/bid/102755", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102755" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1045", "reference_id": "CVE-2018-1045", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1045" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53853?format=api", "purl": "pkg:composer/moodle/moodle@3.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/53854?format=api", "purl": "pkg:composer/moodle/moodle@3.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/53855?format=api", "purl": "pkg:composer/moodle/moodle@3.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-useh-xm73-zub8" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-vx5n-esff-fqew" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yq9c-xav3-e3bv" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4" } ], "aliases": [ "CVE-2018-1045", "GHSA-595j-wpfg-23w4" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3gup-tvzm-z7dt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15994?format=api", "vulnerability_id": "VCID-3je3-s51r-d7ck", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nmod/lti/service.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45463", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45463" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3542", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62709", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3542" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/78ed99ec7e5e75b283e844adb058140d6ba0ff14", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/78ed99ec7e5e75b283e844adb058140d6ba0ff14" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264263", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=264263" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3542", "reference_id": "CVE-2014-3542", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3542" }, { "reference_url": "https://github.com/advisories/GHSA-xmwv-mqh8-4xgw", "reference_id": "GHSA-xmwv-mqh8-4xgw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xmwv-mqh8-4xgw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60960?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/60961?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3542", "GHSA-xmwv-mqh8-4xgw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3je3-s51r-d7ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13755?format=api", "vulnerability_id": "VCID-3r3j-bqzm-5ufz", "summary": "Improper Access Control\nA web service fetching messages was not restricted to the current user's conversations.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10154", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.4671", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10154" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10154", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10154" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2904a7f851da8e66be12f41d55068bf07817fbd6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2904a7f851da8e66be12f41d55068bf07817fbd6" }, { "reference_url": "https://github.com/moodle/moodle/commit/a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=386521", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=386521" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10154", "reference_id": "CVE-2019-10154", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10154" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57253?format=api", "purl": "pkg:composer/moodle/moodle@3.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.4" } ], "aliases": [ "CVE-2019-10154", "GHSA-ww45-x87c-wgff" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3r3j-bqzm-5ufz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15909?format=api", "vulnerability_id": "VCID-3skc-qkcm-2qad", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMoodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted .swf file.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48085", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48085" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5337", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50773", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5337" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/c73f6d03e5037729097bb9f5f5a55be15f3cab18", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c73f6d03e5037729097bb9f5f5a55be15f3cab18" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=323232", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=323232" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5337", "reference_id": "CVE-2015-5337", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5337" }, { "reference_url": "https://github.com/advisories/GHSA-2hw6-6rgf-726v", "reference_id": "GHSA-2hw6-6rgf-726v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2hw6-6rgf-726v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94776?format=api", "purl": "pkg:composer/moodle/moodle@2.7.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/51497?format=api", "purl": "pkg:composer/moodle/moodle@2.7.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51487?format=api", "purl": "pkg:composer/moodle/moodle@2.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/51489?format=api", "purl": "pkg:composer/moodle/moodle@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.3" } ], "aliases": [ "CVE-2015-5337", "GHSA-2hw6-6rgf-726v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3skc-qkcm-2qad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16202?format=api", "vulnerability_id": "VCID-3v4a-2pbc-efda", "summary": "Cross-Site Request Forgery (CSRF)\nCross-site request forgery (CSRF) vulnerability in enrol/imsenterprise/importnow.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to hijack the authentication of administrators for requests that import an IMS Enterprise file.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/03/17/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/03/17/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31513", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0126" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/41a19bffeef0ee6b0560a5ff808fd4bd35075fa1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/41a19bffeef0ee6b0560a5ff808fd4bd35075fa1" }, { "reference_url": "https://github.com/moodle/moodle/commit/caf766507771e07c1752ece1f37a32b2b4f6d8b9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/caf766507771e07c1752ece1f37a32b2b4f6d8b9" }, { "reference_url": "https://github.com/moodle/moodle/commit/ea8647b39ec9cf1d73e04b05559bd12d97aa5229", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ea8647b39ec9cf1d73e04b05559bd12d97aa5229" }, { "reference_url": "https://github.com/moodle/moodle/commit/eee61675f042a9ec89f8f6d219b4ded010198fe4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/eee61675f042a9ec89f8f6d219b4ded010198fe4" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=256423", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=256423" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0126", "reference_id": "CVE-2014-0126", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0126" }, { "reference_url": "https://github.com/advisories/GHSA-4wvg-7886-83gv", "reference_id": "GHSA-4wvg-7886-83gv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4wvg-7886-83gv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60945?format=api", "purl": "pkg:composer/moodle/moodle@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-awbx-r2ud-zbcr" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-d6zz-q4zg-dfcc" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-e57y-88wh-5bbm" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-md9r-mr42-1ydb" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-nkvn-u8eg-7ufn" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rdvn-frh2-z3dv" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2" } ], "aliases": [ "CVE-2014-0126", "GHSA-4wvg-7886-83gv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3v4a-2pbc-efda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170186?format=api", "vulnerability_id": "VCID-4s7h-83dq-aua7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20184", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34928", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20184" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=417167", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=417167" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20184", "reference_id": "CVE-2021-20184", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20184" }, { "reference_url": "https://github.com/advisories/GHSA-mm73-86f9-5x5c", "reference_id": "GHSA-mm73-86f9-5x5c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mm73-86f9-5x5c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77485?format=api", "purl": "pkg:composer/moodle/moodle@3.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/77484?format=api", "purl": "pkg:composer/moodle/moodle@3.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63969?format=api", "purl": "pkg:composer/moodle/moodle@3.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-6231-6qrp-bqag" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-gj75-c27j-ekbu" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1" } ], "aliases": [ "CVE-2021-20184", "GHSA-mm73-86f9-5x5c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4s7h-83dq-aua7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11939?format=api", "vulnerability_id": "VCID-4t6w-wvj2-ffek", "summary": "Information Exposure\nStudents can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46715", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15110" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=361784", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=361784" }, { "reference_url": "http://www.securityfocus.com/bid/101909", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/101909" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15110", "reference_id": "CVE-2017-15110", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15110" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/98023?format=api", "purl": "pkg:composer/moodle/moodle@3.1.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/53067?format=api", "purl": "pkg:composer/moodle/moodle@3.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/53068?format=api", "purl": "pkg:composer/moodle/moodle@3.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-beap-cjmv-s7he" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/53069?format=api", "purl": "pkg:composer/moodle/moodle@3.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-beap-cjmv-s7he" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-useh-xm73-zub8" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-vx5n-esff-fqew" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yq9c-xav3-e3bv" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.3" } ], "aliases": [ "CVE-2017-15110", "GHSA-rjh8-w8jg-xwq5" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4t6w-wvj2-ffek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15969?format=api", "vulnerability_id": "VCID-5cjq-4538-7yd3", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nThe account-confirmation feature in login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote attackers to obtain sensitive full-name information by attempting to self-register.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50099", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50099" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/05/18/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/05/18/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3176", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.63162", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3176" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/4f8b6d567494375017c4bc2228e1668d13b21645", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4f8b6d567494375017c4bc2228e1668d13b21645" }, { "reference_url": "https://github.com/moodle/moodle/commit/80eb5bc7b7da4927d2d8021e8c18cbd3a8093406", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/80eb5bc7b7da4927d2d8021e8c18cbd3a8093406" }, { "reference_url": "https://github.com/moodle/moodle/commit/d5922686e7622e1aa58b9b31633f0906f5be2eb3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d5922686e7622e1aa58b9b31633f0906f5be2eb3" }, { "reference_url": "https://github.com/moodle/moodle/commit/e2e7e35da31ef174589d54f70e791d6acefb59c9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e2e7e35da31ef174589d54f70e791d6acefb59c9" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=313683", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=313683" }, { "reference_url": "https://web.archive.org/web/20200228054912/http://www.securityfocus.com/bid/74644", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228054912/http://www.securityfocus.com/bid/74644" }, { "reference_url": "https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3176", "reference_id": "CVE-2015-3176", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3176" }, { "reference_url": "https://github.com/advisories/GHSA-fqrg-vmvj-jv3x", "reference_id": "GHSA-fqrg-vmvj-jv3x", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fqrg-vmvj-jv3x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51495?format=api", "purl": "pkg:composer/moodle/moodle@2.6.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/61182?format=api", "purl": "pkg:composer/moodle/moodle@2.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61183?format=api", "purl": "pkg:composer/moodle/moodle@2.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.6" } ], "aliases": [ "CVE-2015-3176", "GHSA-fqrg-vmvj-jv3x" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5cjq-4538-7yd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16214?format=api", "vulnerability_id": "VCID-5k7a-c53n-akbt", "summary": "Cross-Site Request Forgery (CSRF)\nCross-site request forgery (CSRF) vulnerability in mod/assign/adminmanageplugins.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote attackers to hijack the authentication of administrators for requests that manage Assignment plugins.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53031", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53031" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2157", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26714", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2157" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/01b19e761f94a4f3615d5c8f6314309aa83469f3", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/01b19e761f94a4f3615d5c8f6314309aa83469f3" }, { "reference_url": "https://github.com/moodle/moodle/commit/1452f1e1d37d816648e3e015296de59509847287", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1452f1e1d37d816648e3e015296de59509847287" }, { "reference_url": "https://github.com/moodle/moodle/commit/55ba3a26d2710ce3c5f13287b0c3538b9a934fa4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/55ba3a26d2710ce3c5f13287b0c3538b9a934fa4" }, { "reference_url": "https://github.com/moodle/moodle/commit/85984545a937b0790c355473d7295eb60b0265eb", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/85984545a937b0790c355473d7295eb60b0265eb" }, { "reference_url": "https://github.com/moodle/moodle/commit/a0cd21cd5cc63961243518a58e9d5d01182dbbb4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a0cd21cd5cc63961243518a58e9d5d01182dbbb4" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=330179", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=330179" }, { "reference_url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2157", "reference_id": "CVE-2016-2157", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2157" }, { "reference_url": "https://github.com/advisories/GHSA-f5pm-c4cw-563p", "reference_id": "GHSA-f5pm-c4cw-563p", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f5pm-c4cw-563p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51641?format=api", "purl": "pkg:composer/moodle/moodle@2.7.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/51642?format=api", "purl": "pkg:composer/moodle/moodle@2.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51643?format=api", "purl": "pkg:composer/moodle/moodle@2.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/51644?format=api", "purl": "pkg:composer/moodle/moodle@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3" } ], "aliases": [ "CVE-2016-2157", "GHSA-f5pm-c4cw-563p" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5k7a-c53n-akbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15859?format=api", "vulnerability_id": "VCID-5zyh-bs68-23ga", "summary": "Moodle does not properly restrict access\nThe wiki subsystem in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly restrict (1) view and (2) edit access, which allows remote authenticated users to perform wiki operations by leveraging the student role and using the Recent Activity block to reach the individual wiki of an arbitrary student.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-39990", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-39990" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/03/17/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/03/17/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0123", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41053", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0123" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/3a7b9b76c2d3c58237bec56b3b537e05c23970ad", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3a7b9b76c2d3c58237bec56b3b537e05c23970ad" }, { "reference_url": "https://github.com/moodle/moodle/commit/d9596365e59ac53787105ff326f7f2bab5b9bada", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d9596365e59ac53787105ff326f7f2bab5b9bada" }, { "reference_url": "https://github.com/moodle/moodle/commit/e6499fb8a4463b1130babb09c42f3d5559276d17", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e6499fb8a4463b1130babb09c42f3d5559276d17" }, { "reference_url": "https://github.com/moodle/moodle/commit/fa0777902633b54ca5566dd8af304ce5587051e5", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fa0777902633b54ca5566dd8af304ce5587051e5" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=256419", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=256419" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0123", "reference_id": "CVE-2014-0123", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0123" }, { "reference_url": "https://github.com/advisories/GHSA-2vhr-4mhq-m35c", "reference_id": "GHSA-2vhr-4mhq-m35c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2vhr-4mhq-m35c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60945?format=api", "purl": "pkg:composer/moodle/moodle@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-awbx-r2ud-zbcr" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-d6zz-q4zg-dfcc" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-e57y-88wh-5bbm" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-md9r-mr42-1ydb" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-nkvn-u8eg-7ufn" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rdvn-frh2-z3dv" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2" } ], "aliases": [ "CVE-2014-0123", "GHSA-2vhr-4mhq-m35c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5zyh-bs68-23ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16237?format=api", "vulnerability_id": "VCID-65hk-s7eq-n7ba", "summary": "Moodle places a session key in a URL\nrepository/alfresco/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 places a session key in a URL, which allows remote attackers to bypass intended Alfresco Repository file restrictions by impersonating a file's owner.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/03/17/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/03/17/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0125", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42109", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0125" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/4bc5dd32178cbaa62c466f74bf6d0ebafb697818", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4bc5dd32178cbaa62c466f74bf6d0ebafb697818" }, { "reference_url": "https://github.com/moodle/moodle/commit/a71a6de914bec01df4268d0547c7a52917c4192f", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a71a6de914bec01df4268d0547c7a52917c4192f" }, { "reference_url": "https://github.com/moodle/moodle/commit/ee8f17db890d7fa1bfc2cfd49ff8d21b41d29331", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ee8f17db890d7fa1bfc2cfd49ff8d21b41d29331" }, { "reference_url": "https://github.com/moodle/moodle/commit/f4f0aa27d43527c15070d00bc96be879876ccc38", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f4f0aa27d43527c15070d00bc96be879876ccc38" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=256422", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=256422" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0125", "reference_id": "CVE-2014-0125", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0125" }, { "reference_url": "https://github.com/advisories/GHSA-j465-7mp6-3xg3", "reference_id": "GHSA-j465-7mp6-3xg3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j465-7mp6-3xg3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60945?format=api", "purl": "pkg:composer/moodle/moodle@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-awbx-r2ud-zbcr" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-d6zz-q4zg-dfcc" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-e57y-88wh-5bbm" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-md9r-mr42-1ydb" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-nkvn-u8eg-7ufn" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rdvn-frh2-z3dv" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2" } ], "aliases": [ "CVE-2014-0125", "GHSA-j465-7mp6-3xg3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-65hk-s7eq-n7ba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16218?format=api", "vulnerability_id": "VCID-6j1h-d82g-6qg7", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nlib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3, when the forcelogin feature is enabled, allows remote attackers to obtain sensitive category-detail information from the navigation branch by leveraging the guest role for an Ajax request.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52774", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52774" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2158", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.5604", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2158" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0766509ab02353008af62f953f7ebc0f6210411a", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0766509ab02353008af62f953f7ebc0f6210411a" }, { "reference_url": "https://github.com/moodle/moodle/commit/3c069c16db62d0e0a64137578e92c22d604dd261", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3c069c16db62d0e0a64137578e92c22d604dd261" }, { "reference_url": "https://github.com/moodle/moodle/commit/7b9fbb1cf4228b39f81454cdb8370e7853fbe184", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7b9fbb1cf4228b39f81454cdb8370e7853fbe184" }, { "reference_url": "https://github.com/moodle/moodle/commit/dc8421575f35585a7a4fc1c9710dafd1d0483d4e", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dc8421575f35585a7a4fc1c9710dafd1d0483d4e" }, { "reference_url": "https://github.com/moodle/moodle/commit/ea8987644fdbbee291337263598b0c3c7bf27c36", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ea8987644fdbbee291337263598b0c3c7bf27c36" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=330180", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=330180" }, { "reference_url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2158", "reference_id": "CVE-2016-2158", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2158" }, { "reference_url": "https://github.com/advisories/GHSA-m882-j7gq-v9p7", "reference_id": "GHSA-m882-j7gq-v9p7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m882-j7gq-v9p7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51641?format=api", "purl": "pkg:composer/moodle/moodle@2.7.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/51642?format=api", "purl": "pkg:composer/moodle/moodle@2.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51643?format=api", "purl": "pkg:composer/moodle/moodle@2.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/51644?format=api", "purl": "pkg:composer/moodle/moodle@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3" } ], "aliases": [ "CVE-2016-2158", "GHSA-m882-j7gq-v9p7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6j1h-d82g-6qg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15933?format=api", "vulnerability_id": "VCID-6m2e-gzpg-97cr", "summary": "Moodle allows attackers to cause a denial of service\nfilter/urltolink/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38466", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38466" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/03/16/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/03/16/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2268", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69506", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2268" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/07323f50ffc71f8ba1b2914ec8947451e32a61c1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/07323f50ffc71f8ba1b2914ec8947451e32a61c1" }, { "reference_url": "https://github.com/moodle/moodle/commit/12ba38e725440eda73301d1dd354583c26d2c65d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/12ba38e725440eda73301d1dd354583c26d2c65d" }, { "reference_url": "https://github.com/moodle/moodle/commit/1b249517781dbb49aa19040d7bb6d446d325bf8e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1b249517781dbb49aa19040d7bb6d446d325bf8e" }, { "reference_url": "https://github.com/moodle/moodle/commit/5219605a81b494c5bb6210ade3ea02d16b1c0d06", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5219605a81b494c5bb6210ade3ea02d16b1c0d06" }, { "reference_url": "https://github.com/moodle/moodle/commit/71ab589855e6ce9fa9a30051f8efd6153284344e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/71ab589855e6ce9fa9a30051f8efd6153284344e" }, { "reference_url": "https://github.com/moodle/moodle/commit/82406581afc4fa6e18051900434004d8563cf5c0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/82406581afc4fa6e18051900434004d8563cf5c0" }, { "reference_url": "https://github.com/moodle/moodle/commit/fdab8c0a518357253ad26bd2f113d7393adf418a", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fdab8c0a518357253ad26bd2f113d7393adf418a" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=307382", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=307382" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2268", "reference_id": "CVE-2015-2268", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2268" }, { "reference_url": "https://github.com/advisories/GHSA-36cm-vrqh-8p98", "reference_id": "GHSA-36cm-vrqh-8p98", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-36cm-vrqh-8p98" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61020?format=api", "purl": "pkg:composer/moodle/moodle@2.6.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/61021?format=api", "purl": "pkg:composer/moodle/moodle@2.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/61022?format=api", "purl": "pkg:composer/moodle/moodle@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.4" } ], "aliases": [ "CVE-2015-2268", "GHSA-36cm-vrqh-8p98" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6m2e-gzpg-97cr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15972?format=api", "vulnerability_id": "VCID-6vaw-uvtq-tbfs", "summary": "Moodle does not verify group permissions\nmod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45303", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45303" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40711", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7834" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/3aa9d93c7a78d14fa30e2afbfd8fa7e09bc9cb41", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3aa9d93c7a78d14fa30e2afbfd8fa7e09bc9cb41" }, { "reference_url": "https://github.com/moodle/moodle/commit/40afeb4044c9718bf175c347f0f9099a037ce9f0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/40afeb4044c9718bf175c347f0f9099a037ce9f0" }, { "reference_url": "https://github.com/moodle/moodle/commit/79eda0e9a0d15ba1d87187ec712f96abd62748c1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/79eda0e9a0d15ba1d87187ec712f96abd62748c1" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275159", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275159" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7834", "reference_id": "CVE-2014-7834", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7834" }, { "reference_url": "https://github.com/advisories/GHSA-557f-2hv4-7jjm", "reference_id": "GHSA-557f-2hv4-7jjm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-557f-2hv4-7jjm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7834", "GHSA-557f-2hv4-7jjm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6vaw-uvtq-tbfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15224?format=api", "vulnerability_id": "VCID-6x4n-my8x-sbfg", "summary": "Uncontrolled Resource Consumption\nA denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00674", "scoring_system": "epss", "scoring_elements": "0.71763", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32476" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=422310", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=422310" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32476", "reference_id": "CVE-2021-32476", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32476" }, { "reference_url": "https://github.com/advisories/GHSA-4qxc-qxrp-33cw", "reference_id": "GHSA-4qxc-qxrp-33cw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4qxc-qxrp-33cw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59910?format=api", "purl": "pkg:composer/moodle/moodle@3.5.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/58604?format=api", "purl": "pkg:composer/moodle/moodle@3.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/59911?format=api", "purl": "pkg:composer/moodle/moodle@3.9.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-k253-m5ud-8bgc" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/59912?format=api", "purl": "pkg:composer/moodle/moodle@3.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-k253-m5ud-8bgc" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.4" } ], "aliases": [ "CVE-2021-32476", "GHSA-4qxc-qxrp-33cw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6x4n-my8x-sbfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16208?format=api", "vulnerability_id": "VCID-76mj-hsbv-4kax", "summary": "Moodle attackers to modify grade metadata\nmod/assign/externallib.php in Moodle 2.6.x before 2.6.2 does not properly handle assignment web-service parameters, which might allow remote authenticated users to modify grade metadata via unspecified vectors.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43468", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43468" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/03/17/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/03/17/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2572", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54669", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2572" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/695a18b6aa9661f812a1a745a888df5acdbd7bc6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/695a18b6aa9661f812a1a745a888df5acdbd7bc6" }, { "reference_url": "https://github.com/moodle/moodle/commit/f96b8a1c67f4a106fb7fa78b4338f3c35973f1da", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f96b8a1c67f4a106fb7fa78b4338f3c35973f1da" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=256425", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=256425" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2572", "reference_id": "CVE-2014-2572", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2572" }, { "reference_url": "https://github.com/advisories/GHSA-267j-cwvg-j28c", "reference_id": "GHSA-267j-cwvg-j28c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-267j-cwvg-j28c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60945?format=api", "purl": "pkg:composer/moodle/moodle@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-awbx-r2ud-zbcr" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-d6zz-q4zg-dfcc" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-e57y-88wh-5bbm" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-md9r-mr42-1ydb" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-nkvn-u8eg-7ufn" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rdvn-frh2-z3dv" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2" } ], "aliases": [ "CVE-2014-2572", "GHSA-267j-cwvg-j28c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-76mj-hsbv-4kax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16165?format=api", "vulnerability_id": "VCID-7q3q-jd77-1yd3", "summary": "Cross-Site Request Forgery (CSRF)\nMultiple cross-site request forgery (CSRF) vulnerabilities in the Forum module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for requests that set a tracking preference within (1) mod/forum/deprecatedlib.php, (2) mod/forum/forum.js, (3) mod/forum/index.php, or (4) mod/forum/lib.php.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48019", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48019" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7838", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38482", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7838" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/545eb1bcfdbfc352bf6c31edf440485ba6d5af42", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/545eb1bcfdbfc352bf6c31edf440485ba6d5af42" }, { "reference_url": "https://github.com/moodle/moodle/commit/7a311adbba9471edb5a49e4c4b8c356c87f0e44b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7a311adbba9471edb5a49e4c4b8c356c87f0e44b" }, { "reference_url": "https://github.com/moodle/moodle/commit/bef4a5e01739f2b239c0910b9e1aa2841b979f7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/bef4a5e01739f2b239c0910b9e1aa2841b979f7d" }, { "reference_url": "https://github.com/moodle/moodle/commit/c812956efda7d10dfdce5ae19c0ec8879de38a31", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c812956efda7d10dfdce5ae19c0ec8879de38a31" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275164", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275164" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7838", "reference_id": "CVE-2014-7838", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7838" }, { "reference_url": "https://github.com/advisories/GHSA-43r4-vm25-qm78", "reference_id": "GHSA-43r4-vm25-qm78", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-43r4-vm25-qm78" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7838", "GHSA-43r4-vm25-qm78" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7q3q-jd77-1yd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16144?format=api", "vulnerability_id": "VCID-8vks-asjk-hqd7", "summary": "Moodle sensitive information disclosure\nMoodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not consider the moodle/badges:viewbadges capability, which allows remote authenticated users to obtain sensitive badge information via a request involving (1) `badges/overview.php` or (2) `badges/view.php`.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51684", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51684" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5340", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38401", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5340" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/47d5c29202e299fdbe54229d3f6b0c381835eae3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/47d5c29202e299fdbe54229d3f6b0c381835eae3" }, { "reference_url": "https://github.com/moodle/moodle/commit/65734f149f3c7e6cce9402f51f9a97deb31170db", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/65734f149f3c7e6cce9402f51f9a97deb31170db" }, { "reference_url": "https://github.com/moodle/moodle/commit/7cff64fdbfff749e779cb625fbddcce737355100", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7cff64fdbfff749e779cb625fbddcce737355100" }, { "reference_url": "https://github.com/moodle/moodle/commit/d41fa94a69bebeca69a4cd5332bb9569cfd87b99", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d41fa94a69bebeca69a4cd5332bb9569cfd87b99" }, { "reference_url": "https://github.com/moodle/moodle/commit/d70f610615242c5c7b3ae0bf7ef6868520dcd850", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d70f610615242c5c7b3ae0bf7ef6868520dcd850" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=323235", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=323235" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5340", "reference_id": "CVE-2015-5340", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5340" }, { "reference_url": "https://github.com/advisories/GHSA-mmvj-j7hq-rx85", "reference_id": "GHSA-mmvj-j7hq-rx85", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mmvj-j7hq-rx85" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94776?format=api", "purl": "pkg:composer/moodle/moodle@2.7.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/51497?format=api", "purl": "pkg:composer/moodle/moodle@2.7.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51487?format=api", "purl": "pkg:composer/moodle/moodle@2.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/51489?format=api", "purl": "pkg:composer/moodle/moodle@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.3" } ], "aliases": [ "CVE-2015-5340", "GHSA-mmvj-j7hq-rx85" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8vks-asjk-hqd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15926?format=api", "vulnerability_id": "VCID-95ha-th5r-xycw", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nmod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50837", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50837" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35708", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5341" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/03b1f63d40d09c206f641b246110c2371d3068a2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/03b1f63d40d09c206f641b246110c2371d3068a2" }, { "reference_url": "https://github.com/moodle/moodle/commit/3d58fd5841308018b32ca78206c74f27c4d4b9c3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3d58fd5841308018b32ca78206c74f27c4d4b9c3" }, { "reference_url": "https://github.com/moodle/moodle/commit/5f65bb2e436620f9026b363484294299c2327740", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5f65bb2e436620f9026b363484294299c2327740" }, { "reference_url": "https://github.com/moodle/moodle/commit/d01512e36c449f52ddc5e41db567d8f375fc153d", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d01512e36c449f52ddc5e41db567d8f375fc153d" }, { "reference_url": "https://github.com/moodle/moodle/commit/d28eedd5363b4f081f9e66d0c9014d84792a89d7", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d28eedd5363b4f081f9e66d0c9014d84792a89d7" }, { "reference_url": "https://github.com/moodle/moodle/commit/f1178ebcd9cf1c149892335c52f6ccad066e3e05", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f1178ebcd9cf1c149892335c52f6ccad066e3e05" }, { "reference_url": "https://github.com/moodle/moodle/commit/fe9bd2b8bb73e958067f2bdb227a8d0e7cffbcda", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fe9bd2b8bb73e958067f2bdb227a8d0e7cffbcda" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=323236", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=323236" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5341", "reference_id": "CVE-2015-5341", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5341" }, { "reference_url": "https://github.com/advisories/GHSA-c2r4-f8qv-2v7v", "reference_id": "GHSA-c2r4-f8qv-2v7v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c2r4-f8qv-2v7v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51497?format=api", "purl": "pkg:composer/moodle/moodle@2.7.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51487?format=api", "purl": "pkg:composer/moodle/moodle@2.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/51489?format=api", "purl": "pkg:composer/moodle/moodle@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.3" } ], "aliases": [ "CVE-2015-5341", "GHSA-c2r4-f8qv-2v7v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-95ha-th5r-xycw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16028?format=api", "vulnerability_id": "VCID-963u-un81-k3b2", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in user/profile.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via the Skype ID profile field.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45683", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45683" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "http://osandamalith.wordpress.com/2014/07/25/moodle-2-7-persistent-xss", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://osandamalith.wordpress.com/2014/07/25/moodle-2-7-persistent-xss" }, { "reference_url": "http://osandamalith.wordpress.com/2014/07/25/moodle-2-7-persistent-xss/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osandamalith.wordpress.com/2014/07/25/moodle-2-7-persistent-xss/" }, { "reference_url": "http://osvdb.org/show/osvdb/109337", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://osvdb.org/show/osvdb/109337" }, { "reference_url": "http://packetstormsecurity.com/files/127624/Moodle-2.7-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/127624/Moodle-2.7-Cross-Site-Scripting.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00818", "scoring_system": "epss", "scoring_elements": "0.74661", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3544" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0207466e778baebff21c7b72bc688761f9c5b0d9", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0207466e778baebff21c7b72bc688761f9c5b0d9" }, { "reference_url": "https://github.com/moodle/moodle/commit/739d227c58886e9a1be1426ed66053f1d37ee9a9", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/739d227c58886e9a1be1426ed66053f1d37ee9a9" }, { "reference_url": "https://github.com/moodle/moodle/commit/ce5a785b0962c3c94c7a7b0d36176482d21db95d", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ce5a785b0962c3c94c7a7b0d36176482d21db95d" }, { "reference_url": "https://github.com/moodle/moodle/commit/f7b6562f20f6af4119c7775477cffbaa83229f74", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f7b6562f20f6af4119c7775477cffbaa83229f74" }, { "reference_url": "http://www.exploit-db.com/exploits/34169", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.exploit-db.com/exploits/34169" }, { "reference_url": "http://www.securityfocus.com/bid/68756", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/68756" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3544", "reference_id": "CVE-2014-3544", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3544" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/34169.txt", "reference_id": "CVE-2014-3544;OSVDB-109337", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/34169.txt" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264265", "reference_id": "CVE-2014-3544;OSVDB-109337", "reference_type": "exploit", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=264265" }, { "reference_url": "https://github.com/advisories/GHSA-c9jp-244j-vh78", "reference_id": "GHSA-c9jp-244j-vh78", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c9jp-244j-vh78" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60960?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/60961?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3544", "GHSA-c9jp-244j-vh78" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-963u-un81-k3b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15923?format=api", "vulnerability_id": "VCID-a3q6-k8cq-sbaw", "summary": "Moodle allows attackers to cause a denial of service\nfilter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48546", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48546" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/01/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/01/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69506", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0217" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/01da07a42be0f69de9f316be6ee8cb25ecd60c19", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/01da07a42be0f69de9f316be6ee8cb25ecd60c19" }, { "reference_url": "https://github.com/moodle/moodle/commit/25191bc31187f6381ad9fc690b653414ea3bc6d4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/25191bc31187f6381ad9fc690b653414ea3bc6d4" }, { "reference_url": "https://github.com/moodle/moodle/commit/531492a32cf77f90bc48c4868a5f71dd7040049f", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/531492a32cf77f90bc48c4868a5f71dd7040049f" }, { "reference_url": "https://github.com/moodle/moodle/commit/5329d84f0b5767f5bb800b203bfb89753ac35146", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5329d84f0b5767f5bb800b203bfb89753ac35146" }, { "reference_url": "https://github.com/moodle/moodle/commit/63ed941a9363b6da3322df2b8de5be0d1df6d81a", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/63ed941a9363b6da3322df2b8de5be0d1df6d81a" }, { "reference_url": "https://github.com/moodle/moodle/commit/70229b7ec718ee3929109c54de74a8d14264a166", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/70229b7ec718ee3929109c54de74a8d14264a166" }, { "reference_url": "https://github.com/moodle/moodle/commit/d11969e7775b0fc1a2debf6ec91e42d25b0eeecd", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d11969e7775b0fc1a2debf6ec91e42d25b0eeecd" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=278617", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=278617" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0217", "reference_id": "CVE-2015-0217", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0217" }, { "reference_url": "https://github.com/advisories/GHSA-p497-37fc-xvvc", "reference_id": "GHSA-p497-37fc-xvvc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p497-37fc-xvvc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61064?format=api", "purl": "pkg:composer/moodle/moodle@2.6.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/61065?format=api", "purl": "pkg:composer/moodle/moodle@2.7.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/61066?format=api", "purl": "pkg:composer/moodle/moodle@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2" } ], "aliases": [ "CVE-2015-0217", "GHSA-p497-37fc-xvvc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a3q6-k8cq-sbaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170185?format=api", "vulnerability_id": "VCID-a7n4-f1nk-vqec", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20183", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00372", "scoring_system": "epss", "scoring_elements": "0.59223", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20183" }, { "reference_url": "https://github.com/moodle/moodle/commit/dc9de7b0d487b73c23c221dc0b8b6e01654921f3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dc9de7b0d487b73c23c221dc0b8b6e01654921f3" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=417166", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=417166" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20183", "reference_id": "CVE-2021-20183", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20183" }, { "reference_url": "https://github.com/advisories/GHSA-xhfx-rm8q-c3xv", "reference_id": "GHSA-xhfx-rm8q-c3xv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xhfx-rm8q-c3xv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63969?format=api", "purl": "pkg:composer/moodle/moodle@3.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-6231-6qrp-bqag" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-gj75-c27j-ekbu" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77487?format=api", "purl": "pkg:composer/moodle/moodle@4.0.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-91z3-7wza-c7gs" }, { "vulnerability": "VCID-bvne-5ym9-byaz" }, { "vulnerability": "VCID-zhhy-m421-nffk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.0-beta" } ], "aliases": [ "CVE-2021-20183", "GHSA-xhfx-rm8q-c3xv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a7n4-f1nk-vqec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15222?format=api", "vulnerability_id": "VCID-a8sa-7ed7-wbby", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32475", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55719", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32475" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=422309", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=422309" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32475", "reference_id": "CVE-2021-32475", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32475" }, { "reference_url": "https://github.com/advisories/GHSA-5wjh-v7c8-wrhx", "reference_id": "GHSA-5wjh-v7c8-wrhx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5wjh-v7c8-wrhx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59910?format=api", "purl": "pkg:composer/moodle/moodle@3.5.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/58604?format=api", "purl": "pkg:composer/moodle/moodle@3.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/59911?format=api", "purl": "pkg:composer/moodle/moodle@3.9.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-k253-m5ud-8bgc" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/59912?format=api", "purl": "pkg:composer/moodle/moodle@3.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-k253-m5ud-8bgc" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.4" } ], "aliases": [ "CVE-2021-32475", "GHSA-5wjh-v7c8-wrhx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a8sa-7ed7-wbby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11056?format=api", "vulnerability_id": "VCID-aazg-a3fs-nub3", "summary": "Unrestricted Upload of File with Dangerous Type\nUnrestricted file upload vulnerability in the double extension support in the \"image\" module in Moodle allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9187", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02078", "scoring_system": "epss", "scoring_elements": "0.84253", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9187" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://packetstormsecurity.com/files/139466/Moodle-CMS-3.1.2-Cross-Site-Scripting-File-Upload.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packetstormsecurity.com/files/139466/Moodle-CMS-3.1.2-Cross-Site-Scripting-File-Upload.html" }, { "reference_url": "http://www.securityfocus.com/bid/94191", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94191" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9187", "reference_id": "CVE-2016-9187", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9187" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51931?format=api", "purl": "pkg:composer/moodle/moodle@3.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-44x7-sn7m-4kga" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-7gra-fj8d-byej" }, { "vulnerability": "VCID-937t-wbcy-qfbz" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ewcg-abf2-5uff" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mzy3-yscv-9kc4" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.3" } ], "aliases": [ "CVE-2016-9187", "GHSA-58fm-v4pr-jh8p" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aazg-a3fs-nub3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170189?format=api", "vulnerability_id": "VCID-ajnx-w4at-7fgp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20187", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00555", "scoring_system": "epss", "scoring_elements": "0.68434", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20187" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=417171", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=417171" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20187", "reference_id": "CVE-2021-20187", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20187" }, { "reference_url": "https://github.com/advisories/GHSA-2jrm-gww7-wch2", "reference_id": "GHSA-2jrm-gww7-wch2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2jrm-gww7-wch2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77486?format=api", "purl": "pkg:composer/moodle/moodle@3.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/77485?format=api", "purl": "pkg:composer/moodle/moodle@3.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/77484?format=api", "purl": "pkg:composer/moodle/moodle@3.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63969?format=api", "purl": "pkg:composer/moodle/moodle@3.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-6231-6qrp-bqag" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-gj75-c27j-ekbu" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1" } ], "aliases": [ "CVE-2021-20187", "GHSA-2jrm-gww7-wch2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajnx-w4at-7fgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16142?format=api", "vulnerability_id": "VCID-awbx-r2ud-zbcr", "summary": "Moodle does not properly restrict file access\nThe My Home implementation in the block_html_pluginfile function in blocks/html/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 does not properly restrict file access, which allows remote attackers to obtain sensitive information by visiting an HTML block.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43877", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43877" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/05/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/05/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0216", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51889", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0216" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/40ad22fdd0d9ed569b2ad0ff6ad02814bfa014b8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/40ad22fdd0d9ed569b2ad0ff6ad02814bfa014b8" }, { "reference_url": "https://github.com/moodle/moodle/commit/568514ee7f7e994f61e7a44356fe89d0dd18c157", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/568514ee7f7e994f61e7a44356fe89d0dd18c157" }, { "reference_url": "https://github.com/moodle/moodle/commit/7b9acc77efe06f7be7070032b05c3159e0a6d415", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7b9acc77efe06f7be7070032b05c3159e0a6d415" }, { "reference_url": "https://github.com/moodle/moodle/commit/b04bf988ef47f8fa65dd08ce936ecb774d5d76bd", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b04bf988ef47f8fa65dd08ce936ecb774d5d76bd" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=260364", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=260364" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0216", "reference_id": "CVE-2014-0216", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0216" }, { "reference_url": "https://github.com/advisories/GHSA-8rc7-4qfv-4484", "reference_id": "GHSA-8rc7-4qfv-4484", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8rc7-4qfv-4484" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61099?format=api", "purl": "pkg:composer/moodle/moodle@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.3" } ], "aliases": [ "CVE-2014-0216", "GHSA-8rc7-4qfv-4484" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-awbx-r2ud-zbcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15893?format=api", "vulnerability_id": "VCID-bar7-ac9c-y3ca", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nuser/index.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 grants excessive authorization on the basis of the moodle/course:viewhiddenuserfields capability, which allows remote authenticated users to discover student e-mail addresses by leveraging the teacher role and reading a Participants list.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52433", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52433" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.5591", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2151" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/089ab60017cd3207990658fbd37f7f31948539fa", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/089ab60017cd3207990658fbd37f7f31948539fa" }, { "reference_url": "https://github.com/moodle/moodle/commit/094fddd00f2e8e832e21e80f417c7b88b33a1f27", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/094fddd00f2e8e832e21e80f417c7b88b33a1f27" }, { "reference_url": "https://github.com/moodle/moodle/commit/85380c6b616e82e31115fbb585d37f0e15f8b0b2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/85380c6b616e82e31115fbb585d37f0e15f8b0b2" }, { "reference_url": "https://github.com/moodle/moodle/commit/8e24a54e526c149469bd77c910876c4489e87841", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8e24a54e526c149469bd77c910876c4489e87841" }, { "reference_url": "https://github.com/moodle/moodle/commit/a0034bb01773e36dffed2a665646f9cc31d68d5b", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a0034bb01773e36dffed2a665646f9cc31d68d5b" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=330173", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=330173" }, { "reference_url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2151", "reference_id": "CVE-2016-2151", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2151" }, { "reference_url": "https://github.com/advisories/GHSA-r3fc-hx6q-g6cq", "reference_id": "GHSA-r3fc-hx6q-g6cq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r3fc-hx6q-g6cq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51641?format=api", "purl": "pkg:composer/moodle/moodle@2.7.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/51642?format=api", "purl": "pkg:composer/moodle/moodle@2.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51643?format=api", "purl": "pkg:composer/moodle/moodle@2.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/51644?format=api", "purl": "pkg:composer/moodle/moodle@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3" } ], "aliases": [ "CVE-2016-2151", "GHSA-r3fc-hx6q-g6cq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bar7-ac9c-y3ca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16199?format=api", "vulnerability_id": "VCID-bfn5-n8u2-yud5", "summary": "Moodle allows attackers to obtain sensitive information\nThe identity-reporting implementations in mod/forum/renderer.php and mod/quiz/override_form.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain sensitive information by using the (1) Forum or (2) Quiz module.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/03/17/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/03/17/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0124", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41855", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0124" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2978623cda4521773fe2d45e04bee76601de487f", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2978623cda4521773fe2d45e04bee76601de487f" }, { "reference_url": "https://github.com/moodle/moodle/commit/ae0ec61180ec71cb5b158633b0a3523a7ca41a82", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ae0ec61180ec71cb5b158633b0a3523a7ca41a82" }, { "reference_url": "https://github.com/moodle/moodle/commit/db4e2c4cd47d48ebf06424d942bf603a8fa94d97", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/db4e2c4cd47d48ebf06424d942bf603a8fa94d97" }, { "reference_url": "https://github.com/moodle/moodle/commit/dc8f55c30211efd6fac80386e5b3bffef31cca13", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dc8f55c30211efd6fac80386e5b3bffef31cca13" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=256421", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=256421" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0124", "reference_id": "CVE-2014-0124", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0124" }, { "reference_url": "https://github.com/advisories/GHSA-fc5p-vj3h-x7g4", "reference_id": "GHSA-fc5p-vj3h-x7g4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fc5p-vj3h-x7g4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60945?format=api", "purl": "pkg:composer/moodle/moodle@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-awbx-r2ud-zbcr" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-d6zz-q4zg-dfcc" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-e57y-88wh-5bbm" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-md9r-mr42-1ydb" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-nkvn-u8eg-7ufn" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rdvn-frh2-z3dv" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2" } ], "aliases": [ "CVE-2014-0124", "GHSA-fc5p-vj3h-x7g4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bfn5-n8u2-yud5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16148?format=api", "vulnerability_id": "VCID-c4kh-k9n2-17a1", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in group/overview.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to inject arbitrary web script or HTML via a modified grouping description.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50709", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50709" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5269", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40837", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5269" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/45f3b5302d645ba13ca8b68b0106a638ebd21980", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/45f3b5302d645ba13ca8b68b0106a638ebd21980" }, { "reference_url": "https://github.com/moodle/moodle/commit/a44fed5c804b52e82c334c37dcc1c12b77f97af8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a44fed5c804b52e82c334c37dcc1c12b77f97af8" }, { "reference_url": "https://github.com/moodle/moodle/commit/ae6b18a9343083c1ab62d6eb535a7112bd7a3a50", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ae6b18a9343083c1ab62d6eb535a7112bd7a3a50" }, { "reference_url": "https://github.com/moodle/moodle/commit/fa5a3cdedcd92bd96881fa89a6ff5efd80bd3512", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fa5a3cdedcd92bd96881fa89a6ff5efd80bd3512" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=320293", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=320293" }, { "reference_url": "https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/09/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/09/21/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5269", "reference_id": "CVE-2015-5269", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5269" }, { "reference_url": "https://github.com/advisories/GHSA-5729-822w-j342", "reference_id": "GHSA-5729-822w-j342", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5729-822w-j342" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61185?format=api", "purl": "pkg:composer/moodle/moodle@2.7.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/61186?format=api", "purl": "pkg:composer/moodle/moodle@2.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61187?format=api", "purl": "pkg:composer/moodle/moodle@2.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xk8g-cmjz-6qeu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.2" } ], "aliases": [ "CVE-2015-5269", "GHSA-5729-822w-j342" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4kh-k9n2-17a1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14790?format=api", "vulnerability_id": "VCID-cf2z-a3h4-jkhf", "summary": "Incorrect Authorization\nThe `calendar:manageentries` capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0333", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.484", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0333" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043663", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043663" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2ee27313cea0d7073f5a6a35eccdfddcb3a9adad", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2ee27313cea0d7073f5a6a35eccdfddcb3a9adad" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=431100", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=431100" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0333", "reference_id": "CVE-2022-0333", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0333" }, { "reference_url": "https://github.com/advisories/GHSA-m434-m5pv-p35w", "reference_id": "GHSA-m434-m5pv-p35w", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m434-m5pv-p35w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78814?format=api", "purl": "pkg:composer/moodle/moodle@3.9.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/58599?format=api", "purl": "pkg:composer/moodle/moodle@3.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/59248?format=api", "purl": "pkg:composer/moodle/moodle@3.9.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/58600?format=api", "purl": "pkg:composer/moodle/moodle@3.10.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/59249?format=api", "purl": "pkg:composer/moodle/moodle@3.10.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-7zmr-qupd-4fg6" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/59244?format=api", "purl": "pkg:composer/moodle/moodle@3.11.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wmaz-p29k-kuh8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.5" } ], "aliases": [ "CVE-2022-0333", "GHSA-m434-m5pv-p35w" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cf2z-a3h4-jkhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16282?format=api", "vulnerability_id": "VCID-cnuq-ryj8-gud2", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via vectors that trigger an AJAX exception dialog.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45471", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45471" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3548", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49124", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3548" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/166e18d7cbb36d58d08a2783edd98284d5a3b98a", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/166e18d7cbb36d58d08a2783edd98284d5a3b98a" }, { "reference_url": "https://github.com/moodle/moodle/commit/53ca351f7af8d80a0ff0aba27a1c278fb731d288", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/53ca351f7af8d80a0ff0aba27a1c278fb731d288" }, { "reference_url": "https://github.com/moodle/moodle/commit/6eb787b873f5d3718dc8a74f798ee528d600d8fe", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/6eb787b873f5d3718dc8a74f798ee528d600d8fe" }, { "reference_url": "https://github.com/moodle/moodle/commit/a1ae35173b54ed0c2c3736dfa78cad9899a55d4e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a1ae35173b54ed0c2c3736dfa78cad9899a55d4e" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264270", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=264270" }, { "reference_url": "https://web.archive.org/web/20200228161543/http://www.securityfocus.com/bid/68766", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228161543/http://www.securityfocus.com/bid/68766" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3548", "reference_id": "CVE-2014-3548", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3548" }, { "reference_url": "https://github.com/advisories/GHSA-f66h-6mj2-rwj2", "reference_id": "GHSA-f66h-6mj2-rwj2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f66h-6mj2-rwj2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60960?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/60961?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3548", "GHSA-f66h-6mj2-rwj2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cnuq-ryj8-gud2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107952?format=api", "vulnerability_id": "VCID-cr7f-vvmv-aqfr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47178", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9188" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9188", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9188" }, { "reference_url": "https://packetstormsecurity.com/files/139466/Moodle-CMS-3.1.2-Cross-Site-Scripting-File-Upload.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packetstormsecurity.com/files/139466/Moodle-CMS-3.1.2-Cross-Site-Scripting-File-Upload.html" }, { "reference_url": "https://web.archive.org/web/20210123190812/http://www.securityfocus.com/bid/94189", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123190812/http://www.securityfocus.com/bid/94189" }, { "reference_url": "https://github.com/advisories/GHSA-7ghm-fp7p-qvjq", "reference_id": "GHSA-7ghm-fp7p-qvjq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7ghm-fp7p-qvjq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51930?format=api", "purl": "pkg:composer/moodle/moodle@3.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-44x7-sn7m-4kga" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-7gra-fj8d-byej" }, { "vulnerability": "VCID-937t-wbcy-qfbz" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ewcg-abf2-5uff" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mzy3-yscv-9kc4" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.2" } ], "aliases": [ "CVE-2016-9188", "GHSA-7ghm-fp7p-qvjq" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cr7f-vvmv-aqfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/136434?format=api", "vulnerability_id": "VCID-d2au-r7m3-cyc8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10189", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36039", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10189" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=388570", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=388570" }, { "reference_url": "http://www.securityfocus.com/bid/109271", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/109271" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10189", "reference_id": "CVE-2019-10189", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10189" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142887?format=api", "purl": "pkg:composer/moodle/moodle@3.5.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/142888?format=api", "purl": "pkg:composer/moodle/moodle@3.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/142889?format=api", "purl": "pkg:composer/moodle/moodle@3.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-5n6q-kt6b-zfbc" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8ct-r1tq-tfdr" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gu1a-396c-7bgp" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u5tg-a91q-ckf3" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1" } ], "aliases": [ "CVE-2019-10189", "GHSA-h7xp-7fjp-ghhc" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d2au-r7m3-cyc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15928?format=api", "vulnerability_id": "VCID-d58t-ca96-xyez", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nmod/imscp/locallib.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via a package with a manifest file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue affecting IMSCP resources and the IMSCC format.", "references": [ { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62709", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3543" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/595ef4772d330a20c757635ab090acdcc9b2a2fa", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/595ef4772d330a20c757635ab090acdcc9b2a2fa" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git;a=commit;h=595ef4772d330a20c757635ab090acdcc9b2a2fa", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git;a=commit;h=595ef4772d330a20c757635ab090acdcc9b2a2fa" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264264", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=264264" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3543", "reference_id": "CVE-2014-3543", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3543" }, { "reference_url": "https://github.com/advisories/GHSA-27j2-c838-c3qg", "reference_id": "GHSA-27j2-c838-c3qg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-27j2-c838-c3qg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60960?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/60961?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3543", "GHSA-27j2-c838-c3qg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d58t-ca96-xyez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16047?format=api", "vulnerability_id": "VCID-d6zz-q4zg-dfcc", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nThe blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) using a screen reader or (2) reading the HTML source.", "references": [ { "reference_url": "http://openwall.com/lists/oss-security/2014/05/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/05/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0215", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41855", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0215" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=260363", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=260363" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0215", "reference_id": "CVE-2014-0215", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0215" }, { "reference_url": "https://github.com/advisories/GHSA-2fmv-j5xj-4fmq", "reference_id": "GHSA-2fmv-j5xj-4fmq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2fmv-j5xj-4fmq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61099?format=api", "purl": "pkg:composer/moodle/moodle@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/51496?format=api", "purl": "pkg:composer/moodle/moodle@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0" } ], "aliases": [ "CVE-2014-0215", "GHSA-2fmv-j5xj-4fmq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d6zz-q4zg-dfcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170188?format=api", "vulnerability_id": "VCID-dhu5-3tda-2qfx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20186", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.63027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20186" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=417170", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=417170" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20186", "reference_id": "CVE-2021-20186", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20186" }, { "reference_url": "https://github.com/advisories/GHSA-h8m4-h385-qhqv", "reference_id": "GHSA-h8m4-h385-qhqv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h8m4-h385-qhqv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77486?format=api", "purl": "pkg:composer/moodle/moodle@3.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/77485?format=api", "purl": "pkg:composer/moodle/moodle@3.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/77484?format=api", "purl": "pkg:composer/moodle/moodle@3.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63969?format=api", "purl": "pkg:composer/moodle/moodle@3.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-6231-6qrp-bqag" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-gj75-c27j-ekbu" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1" } ], "aliases": [ "CVE-2021-20186", "GHSA-h8m4-h385-qhqv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dhu5-3tda-2qfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16053?format=api", "vulnerability_id": "VCID-dpjj-kasd-gugv", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in the external_format_text function in lib/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML into an external application via a crafted string that is visible to web services.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49718", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49718" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/05/18/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/05/18/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3178", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43129", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3178" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/28947c1d7d9c53781989b9da7ceb2cafdd144749", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/28947c1d7d9c53781989b9da7ceb2cafdd144749" }, { "reference_url": "https://github.com/moodle/moodle/commit/2c7d13dba37aa0c850c62037b951efd6dc1b0f78", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2c7d13dba37aa0c850c62037b951efd6dc1b0f78" }, { "reference_url": "https://github.com/moodle/moodle/commit/77067fbb3a248ac2f1fa4b3c20e5b81f768940e5", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/77067fbb3a248ac2f1fa4b3c20e5b81f768940e5" }, { "reference_url": "https://github.com/moodle/moodle/commit/7f5bd0da0e25feb3b6da3908b6672a58af82e12f", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7f5bd0da0e25feb3b6da3908b6672a58af82e12f" }, { "reference_url": "https://github.com/moodle/moodle/commit/b4da1e0ae4f63ef0bb14b8bf5c0b86cd00f2af4b", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b4da1e0ae4f63ef0bb14b8bf5c0b86cd00f2af4b" }, { "reference_url": "https://github.com/moodle/moodle/commit/d62d36c657a5df45ee286722490abb7901381da6", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d62d36c657a5df45ee286722490abb7901381da6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=313685", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=313685" }, { "reference_url": "https://web.archive.org/web/20200228054910/http://www.securityfocus.com/bid/74726", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228054910/http://www.securityfocus.com/bid/74726" }, { "reference_url": "https://web.archive.org/web/20201201000000*/http://www.securitytracker.com/id/1032358", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201201000000*/http://www.securitytracker.com/id/1032358" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3178", "reference_id": "CVE-2015-3178", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3178" }, { "reference_url": "https://github.com/advisories/GHSA-9fmw-m4qx-6cq8", "reference_id": "GHSA-9fmw-m4qx-6cq8", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9fmw-m4qx-6cq8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51495?format=api", "purl": "pkg:composer/moodle/moodle@2.6.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/61182?format=api", "purl": "pkg:composer/moodle/moodle@2.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61183?format=api", "purl": "pkg:composer/moodle/moodle@2.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.6" } ], "aliases": [ "CVE-2015-3178", "GHSA-9fmw-m4qx-6cq8" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dpjj-kasd-gugv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16151?format=api", "vulnerability_id": "VCID-dxhz-meyr-dye6", "summary": "Moodle allows bypass of intended access restrictions\nmod/chat/chat_ajax.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly check for the mod/chat:chat capability during chat sessions, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by remaining in a chat session after an intra-session capability removal by an administrator.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/03/17/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/03/17/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0122" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/3d7810ab3d67a423a760ba89ae75de81d940b236", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3d7810ab3d67a423a760ba89ae75de81d940b236" }, { "reference_url": "https://github.com/moodle/moodle/commit/4d4867503c2467cb04660d9cb314d22f56004054", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4d4867503c2467cb04660d9cb314d22f56004054" }, { "reference_url": "https://github.com/moodle/moodle/commit/5c45ea0c6bf2fdf4dddfaef9fc5ff12e6b426a3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5c45ea0c6bf2fdf4dddfaef9fc5ff12e6b426a3f" }, { "reference_url": "https://github.com/moodle/moodle/commit/7748e17207b1a28118d9dc622878da22f956d3fe", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7748e17207b1a28118d9dc622878da22f956d3fe" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=256418", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=256418" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0122", "reference_id": "CVE-2014-0122", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0122" }, { "reference_url": "https://github.com/advisories/GHSA-f9m9-494r-w36p", "reference_id": "GHSA-f9m9-494r-w36p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f9m9-494r-w36p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60945?format=api", "purl": "pkg:composer/moodle/moodle@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-awbx-r2ud-zbcr" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-d6zz-q4zg-dfcc" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-e57y-88wh-5bbm" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-md9r-mr42-1ydb" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-nkvn-u8eg-7ufn" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rdvn-frh2-z3dv" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2" } ], "aliases": [ "CVE-2014-0122", "GHSA-f9m9-494r-w36p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dxhz-meyr-dye6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14366?format=api", "vulnerability_id": "VCID-e52k-bb2k-tbgh", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nA URL parameter in the filetype site administrator tool requires extra sanitizing to prevent a reflected XSS risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43558", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36515", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43558" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021515", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021515" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=429097", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=429097" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43558", "reference_id": "CVE-2021-43558", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43558" }, { "reference_url": "https://github.com/advisories/GHSA-wpfp-q843-v772", "reference_id": "GHSA-wpfp-q843-v772", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wpfp-q843-v772" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58604?format=api", "purl": "pkg:composer/moodle/moodle@3.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/58599?format=api", "purl": "pkg:composer/moodle/moodle@3.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/58600?format=api", "purl": "pkg:composer/moodle/moodle@3.10.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/58601?format=api", "purl": "pkg:composer/moodle/moodle@3.11.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fxx8-f2pp-27du" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wmaz-p29k-kuh8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.4" } ], "aliases": [ "CVE-2021-43558", "GHSA-wpfp-q843-v772" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e52k-bb2k-tbgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16171?format=api", "vulnerability_id": "VCID-e57y-88wh-5bbm", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45332", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45332" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/05/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/05/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49124", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0218" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/5c276a4c324b5137064496d6dd68e71476015fcd", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5c276a4c324b5137064496d6dd68e71476015fcd" }, { "reference_url": "https://github.com/moodle/moodle/commit/729783c4ba971413198f30784b48e3f2107a8da6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/729783c4ba971413198f30784b48e3f2107a8da6" }, { "reference_url": "https://github.com/moodle/moodle/commit/b8a6f7d19d623bcf992d8ecda94324100bc50e9d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b8a6f7d19d623bcf992d8ecda94324100bc50e9d" }, { "reference_url": "https://github.com/moodle/moodle/commit/c5e8a036c509197bb2927f47c0579992be479f35", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c5e8a036c509197bb2927f47c0579992be479f35" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=260366", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=260366" }, { "reference_url": "https://web.archive.org/web/20141224120458/http://www.securityfocus.com/bid/67479", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20141224120458/http://www.securityfocus.com/bid/67479" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0218", "reference_id": "CVE-2014-0218", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0218" }, { "reference_url": "https://github.com/advisories/GHSA-ch68-5r37-p7c3", "reference_id": "GHSA-ch68-5r37-p7c3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-ch68-5r37-p7c3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61099?format=api", "purl": "pkg:composer/moodle/moodle@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.3" } ], "aliases": [ "CVE-2014-0218", "GHSA-ch68-5r37-p7c3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e57y-88wh-5bbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16036?format=api", "vulnerability_id": "VCID-ea5x-b3ct-aqgt", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by (1) providing a crafted playerId or (2) referencing an external domain, a related issue to CVE-2013-7342.", "references": [ { "reference_url": "http://flash.flowplayer.org/documentation/version-history.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://flash.flowplayer.org/documentation/version-history.html" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43344", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43344" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/03/17/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/03/17/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49414", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7341" }, { "reference_url": "https://github.com/flowplayer/flash/issues/121", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/flowplayer/flash/issues/121" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/98d135fea3006334093efa822205d4b2c3fd8ff9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/98d135fea3006334093efa822205d4b2c3fd8ff9" }, { "reference_url": "https://github.com/moodle/moodle/commit/9f2967e301d123d11625f3b6948e1ee538086791", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/9f2967e301d123d11625f3b6948e1ee538086791" }, { "reference_url": "https://github.com/moodle/moodle/commit/c3cd5e1db9de4f1a634492d99990534e30518066", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c3cd5e1db9de4f1a634492d99990534e30518066" }, { "reference_url": "https://github.com/moodle/moodle/commit/d65634044ebaa738f55bdec521beb42844d6916a", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d65634044ebaa738f55bdec521beb42844d6916a" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=256420", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=256420" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2015-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2015-007" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-7341", "reference_id": "CVE-2013-7341", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-7341" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2013-7341.yaml", "reference_id": "CVE-2013-7341.YAML", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2013-7341.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-j6c3-3c4w-qv8p", "reference_id": "GHSA-j6c3-3c4w-qv8p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j6c3-3c4w-qv8p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60945?format=api", "purl": "pkg:composer/moodle/moodle@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-awbx-r2ud-zbcr" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-d6zz-q4zg-dfcc" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-e57y-88wh-5bbm" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-md9r-mr42-1ydb" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-nkvn-u8eg-7ufn" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rdvn-frh2-z3dv" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2" } ], "aliases": [ "CVE-2013-7341", "GHSA-j6c3-3c4w-qv8p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ea5x-b3ct-aqgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13466?format=api", "vulnerability_id": "VCID-eb8w-rqef-sqca", "summary": "Improper Authorization\nUsers could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3849", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59339", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3849" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3849", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3849" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/427463a52574e4b3bcbe1c65c49066438770641e", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/427463a52574e4b3bcbe1c65c49066438770641e" }, { "reference_url": "https://github.com/moodle/moodle/commit/430f685834cef190bdf58afabe79e765d596890d", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/430f685834cef190bdf58afabe79e765d596890d" }, { "reference_url": "https://github.com/moodle/moodle/commit/723d1a747555b795ed53a0fad01da455797bb78f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/723d1a747555b795ed53a0fad01da455797bb78f" }, { "reference_url": "https://github.com/moodle/moodle/commit/898d5d05a0c3ae6795db0241bf3cb5951213d45c", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/898d5d05a0c3ae6795db0241bf3cb5951213d45c" }, { "reference_url": "https://github.com/moodle/moodle/commit/b77dcd23d8e39265b5c096f0d947764c02d832c8", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b77dcd23d8e39265b5c096f0d947764c02d832c8" }, { "reference_url": "https://github.com/moodle/moodle/commit/cd3060d941a051931eb2613b25bafb0108665895", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/cd3060d941a051931eb2613b25bafb0108665895" }, { "reference_url": "https://github.com/moodle/moodle/commit/fba7dcd90abd45210d782a79c6e25bb3840c7438", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fba7dcd90abd45210d782a79c6e25bb3840c7438" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=384012#p1547744", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=384012#p1547744" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3849", "reference_id": "CVE-2019-3849", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3849" }, { "reference_url": "https://github.com/advisories/GHSA-5wg9-5w3f-hxmh", "reference_id": "GHSA-5wg9-5w3f-hxmh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5wg9-5w3f-hxmh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56661?format=api", "purl": "pkg:composer/moodle/moodle@3.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/56659?format=api", "purl": "pkg:composer/moodle/moodle@3.5.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/56660?format=api", "purl": "pkg:composer/moodle/moodle@3.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3" } ], "aliases": [ "CVE-2019-3849", "GHSA-5wg9-5w3f-hxmh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb8w-rqef-sqca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12947?format=api", "vulnerability_id": "VCID-ehpf-6ra7-syfy", "summary": "Code Injection\nMoodle is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy `drag and drop into text` (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-62880", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-62880" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14630", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01859", "scoring_system": "epss", "scoring_elements": "0.83373", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14630" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14630", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14630" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/09cbca8566a388e8f0a1a0cfd86cd0667088ed2c", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/09cbca8566a388e8f0a1a0cfd86cd0667088ed2c" }, { "reference_url": "https://github.com/moodle/moodle/commit/be092b730910ad97fff0511e177a097ec1cc4b1c", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/be092b730910ad97fff0511e177a097ec1cc4b1c" }, { "reference_url": "https://github.com/moodle/moodle/commit/cb8aefa658cf7ad8f002a480343afb2dea94cc08", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/cb8aefa658cf7ad8f002a480343afb2dea94cc08" }, { "reference_url": "https://github.com/moodle/moodle/commit/cfc4393aa689c277a27b9a040ff7dcbdac4e41dd", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/cfc4393aa689c277a27b9a040ff7dcbdac4e41dd" }, { "reference_url": "https://github.com/moodle/moodle/commit/da1eeea0ff3d292b7669e478abc114872dd9cc8f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/da1eeea0ff3d292b7669e478abc114872dd9cc8f" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=376023", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=376023" }, { "reference_url": "https://seclists.org/fulldisclosure/2018/Sep/28", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/fulldisclosure/2018/Sep/28" }, { "reference_url": "https://web.archive.org/web/20200227111301/https://www.securityfocus.com/bid/105354", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227111301/https://www.securityfocus.com/bid/105354" }, { "reference_url": "https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630" }, { "reference_url": "https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630/" }, { "reference_url": "http://www.securityfocus.com/bid/105354", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/105354" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14630", "reference_id": "CVE-2018-14630", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14630" }, { "reference_url": "https://github.com/advisories/GHSA-c3pr-h96w-2jjg", "reference_id": "GHSA-c3pr-h96w-2jjg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c3pr-h96w-2jjg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/98023?format=api", "purl": "pkg:composer/moodle/moodle@3.1.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/55462?format=api", "purl": "pkg:composer/moodle/moodle@3.1.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/55459?format=api", "purl": "pkg:composer/moodle/moodle@3.3.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/55460?format=api", "purl": "pkg:composer/moodle/moodle@3.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/55461?format=api", "purl": "pkg:composer/moodle/moodle@3.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ecj2-c6rx-57a1" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vabw-g3da-bqbz" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.2" } ], "aliases": [ "CVE-2018-14630", "GHSA-c3pr-h96w-2jjg" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ehpf-6ra7-syfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183077?format=api", "vulnerability_id": "VCID-eq8q-vrca-xbdb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59704", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40691" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043411", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043411" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40691", "reference_id": "CVE-2021-40691", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40691" }, { "reference_url": "https://github.com/advisories/GHSA-92vh-mr2w-j2cr", "reference_id": "GHSA-92vh-mr2w-j2cr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-92vh-mr2w-j2cr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58594?format=api", "purl": "pkg:composer/moodle/moodle@3.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/58596?format=api", "purl": "pkg:composer/moodle/moodle@3.10.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/58598?format=api", "purl": "pkg:composer/moodle/moodle@3.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fxx8-f2pp-27du" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wmaz-p29k-kuh8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.3" } ], "aliases": [ "CVE-2021-40691", "GHSA-92vh-mr2w-j2cr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eq8q-vrca-xbdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183079?format=api", "vulnerability_id": "VCID-exk5-1mmz-7kep", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48578", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043417", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043417" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40693", "reference_id": "CVE-2021-40693", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40693" }, { "reference_url": "https://github.com/advisories/GHSA-2jxg-mv2m-j4r7", "reference_id": "GHSA-2jxg-mv2m-j4r7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2jxg-mv2m-j4r7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58594?format=api", "purl": "pkg:composer/moodle/moodle@3.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/58596?format=api", "purl": "pkg:composer/moodle/moodle@3.10.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/58598?format=api", "purl": "pkg:composer/moodle/moodle@3.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fxx8-f2pp-27du" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wmaz-p29k-kuh8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.3" } ], "aliases": [ "CVE-2021-40693", "GHSA-2jxg-mv2m-j4r7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-exk5-1mmz-7kep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16280?format=api", "vulnerability_id": "VCID-ey36-w13k-8fb9", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nwebservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not ensure that a file upload is for a private or draft area, which allows remote authenticated users to upload files containing JavaScript, and consequently conduct cross-site scripting (XSS) attacks, by specifying the profile-picture area.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39326", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7835" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2f87351d5480f562d6811cdf3bea032612e0325e", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2f87351d5480f562d6811cdf3bea032612e0325e" }, { "reference_url": "https://github.com/moodle/moodle/commit/76ae1f6068f63149acc2d8c362af94067f4a227d", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/76ae1f6068f63149acc2d8c362af94067f4a227d" }, { "reference_url": "https://github.com/moodle/moodle/commit/ea1fbc00285514242d620ea017e187eb139deedb", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ea1fbc00285514242d620ea017e187eb139deedb" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275161", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275161" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7835", "reference_id": "CVE-2014-7835", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7835" }, { "reference_url": "https://github.com/advisories/GHSA-vrf6-q7qj-69v5", "reference_id": "GHSA-vrf6-q7qj-69v5", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vrf6-q7qj-69v5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7835", "GHSA-vrf6-q7qj-69v5" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ey36-w13k-8fb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11251?format=api", "vulnerability_id": "VCID-fgw6-c8p8-u7hw", "summary": "Injection Vulnerability\nIn Moodle, text injection can occur in email headers, potentially leading to outbound spam.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58618", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5013" }, { "reference_url": "https://github.com/moodle/moodle/commit/ed63718caa48803843a14140d8a27f04aba9c8c4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ed63718caa48803843a14140d8a27f04aba9c8c4" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=336698", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=336698" }, { "reference_url": "https://web.archive.org/web/20210123154543/http://www.securityfocus.com/bid/92040", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123154543/http://www.securityfocus.com/bid/92040" }, { "reference_url": "http://www.securityfocus.com/bid/92040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92040" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5013", "reference_id": "CVE-2016-5013", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5013" }, { "reference_url": "https://github.com/advisories/GHSA-2hh3-jmv8-5fmx", "reference_id": "GHSA-2hh3-jmv8-5fmx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2hh3-jmv8-5fmx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52155?format=api", "purl": "pkg:composer/moodle/moodle@2.7.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/98015?format=api", "purl": "pkg:composer/moodle/moodle@2.9.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/52157?format=api", "purl": "pkg:composer/moodle/moodle@2.9.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/52158?format=api", "purl": "pkg:composer/moodle/moodle@3.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/52154?format=api", "purl": "pkg:composer/moodle/moodle@3.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-44x7-sn7m-4kga" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-7gra-fj8d-byej" }, { "vulnerability": "VCID-937t-wbcy-qfbz" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ewcg-abf2-5uff" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mzy3-yscv-9kc4" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.1" } ], "aliases": [ "CVE-2016-5013", "GHSA-2hh3-jmv8-5fmx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fgw6-c8p8-u7hw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14787?format=api", "vulnerability_id": "VCID-fj1x-be1c-h3c4", "summary": "Exposure of Resource to Wrong Sphere\nInsufficient capability checks could lead to users accessing their grade report for courses where they does not have the required `gradereport/user:view` capability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0334", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.3509", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0334" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043664", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043664" }, { "reference_url": "https://github.com/moodle/moodle/commit/1964d68f8500ea3c7b776fa8a2af6266ed109f84", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1964d68f8500ea3c7b776fa8a2af6266ed109f84" }, { "reference_url": "https://github.com/moodle/moodle/commit/6d18f136ae88ec97e351a723df570816a959ec68", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/6d18f136ae88ec97e351a723df570816a959ec68" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=431102", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=431102" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0334", "reference_id": "CVE-2022-0334", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0334" }, { "reference_url": "https://github.com/advisories/GHSA-93pj-4p65-qmr9", "reference_id": "GHSA-93pj-4p65-qmr9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-93pj-4p65-qmr9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78814?format=api", "purl": "pkg:composer/moodle/moodle@3.9.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/58599?format=api", "purl": "pkg:composer/moodle/moodle@3.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/59248?format=api", "purl": "pkg:composer/moodle/moodle@3.9.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/58600?format=api", "purl": "pkg:composer/moodle/moodle@3.10.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/59249?format=api", "purl": "pkg:composer/moodle/moodle@3.10.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-7zmr-qupd-4fg6" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/59244?format=api", "purl": "pkg:composer/moodle/moodle@3.11.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wmaz-p29k-kuh8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.5" } ], "aliases": [ "CVE-2022-0334", "GHSA-93pj-4p65-qmr9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fj1x-be1c-h3c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14365?format=api", "vulnerability_id": "VCID-fvkk-381y-1kcb", "summary": "Cross-Site Request Forgery (CSRF)\nThe `delete related badge` functionality does not include the necessary token check to prevent a CSRF risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28916", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43559" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021517", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021517" }, { "reference_url": "https://github.com/moodle/moodle/commit/20d41ebae4eb28269298504c68db511a05ec4969", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/20d41ebae4eb28269298504c68db511a05ec4969" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=429099", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=429099" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43559", "reference_id": "CVE-2021-43559", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43559" }, { "reference_url": "https://github.com/advisories/GHSA-3jrj-x6cj-97cp", "reference_id": "GHSA-3jrj-x6cj-97cp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3jrj-x6cj-97cp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58604?format=api", "purl": "pkg:composer/moodle/moodle@3.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/58599?format=api", "purl": "pkg:composer/moodle/moodle@3.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/58600?format=api", "purl": "pkg:composer/moodle/moodle@3.10.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/58601?format=api", "purl": "pkg:composer/moodle/moodle@3.11.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fxx8-f2pp-27du" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wmaz-p29k-kuh8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.4" } ], "aliases": [ "CVE-2021-43559", "GHSA-3jrj-x6cj-97cp" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fvkk-381y-1kcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/154286?format=api", "vulnerability_id": "VCID-fx3x-sc7h-guhb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39399", "scoring_system": "epss", "scoring_elements": "0.97367", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14321" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/d07fb8b9e8bf47fe60ad2aea553329bd1fb96e37", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d07fb8b9e8bf47fe60ad2aea553329bd1fb96e37" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=407393", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=407393" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14321", "reference_id": "CVE-2020-14321", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14321" }, { "reference_url": "https://github.com/advisories/GHSA-9q29-jcjw-fw7h", "reference_id": "GHSA-9q29-jcjw-fw7h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9q29-jcjw-fw7h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77367?format=api", "purl": "pkg:composer/moodle/moodle@3.5.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/77369?format=api", "purl": "pkg:composer/moodle/moodle@3.7.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8ct-r1tq-tfdr" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gu1a-396c-7bgp" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/77365?format=api", "purl": "pkg:composer/moodle/moodle@3.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8ct-r1tq-tfdr" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gu1a-396c-7bgp" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/77364?format=api", "purl": "pkg:composer/moodle/moodle@3.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8ct-r1tq-tfdr" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-gu1a-396c-7bgp" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mk9g-47tz-tfcv" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-p8kp-q9s2-w3dq" }, { "vulnerability": "VCID-pfv8-kvcb-5udc" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.1" } ], "aliases": [ "CVE-2020-14321", "GHSA-9q29-jcjw-fw7h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fx3x-sc7h-guhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16069?format=api", "vulnerability_id": "VCID-g3u8-3spk-x3fx", "summary": "Cross-Site Request Forgery (CSRF)\nMultiple cross-site request forgery (CSRF) vulnerabilities in (1) editcategories.html and (2) editcategories.php in the Glossary module in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allow remote attackers to hijack the authentication of unspecified victims.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48106", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48106" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/01/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/01/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0213", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31513", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0213" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90" }, { "reference_url": "https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6" }, { "reference_url": "https://github.com/moodle/moodle/commit/e83c756f84e16ab70e160e08deb84e9bc4bfbfea", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e83c756f84e16ab70e160e08deb84e9bc4bfbfea" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=278613", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=278613" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0213", "reference_id": "CVE-2015-0213", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0213" }, { "reference_url": "https://github.com/advisories/GHSA-hhq7-jf2p-hw9c", "reference_id": "GHSA-hhq7-jf2p-hw9c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hhq7-jf2p-hw9c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61064?format=api", "purl": "pkg:composer/moodle/moodle@2.6.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/61065?format=api", "purl": "pkg:composer/moodle/moodle@2.7.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/61066?format=api", "purl": "pkg:composer/moodle/moodle@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2" } ], "aliases": [ "CVE-2015-0213", "GHSA-hhq7-jf2p-hw9c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g3u8-3spk-x3fx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13116?format=api", "vulnerability_id": "VCID-gtpy-dhmm-mufn", "summary": "Cross-Site Request Forgery (CSRF)\nThe login form is not protected by a token to prevent login cross-site request forgery.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01178", "scoring_system": "epss", "scoring_elements": "0.79053", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16854" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16854", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16854" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=378731", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=378731" }, { "reference_url": "http://www.securityfocus.com/bid/106017", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106017" }, { "reference_url": "http://www.securitytracker.com/id/1042154", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1042154" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16854", "reference_id": "CVE-2018-16854", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16854" }, { "reference_url": "https://github.com/advisories/GHSA-xj5f-qv37-r9jc", "reference_id": "GHSA-xj5f-qv37-r9jc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xj5f-qv37-r9jc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/98023?format=api", "purl": "pkg:composer/moodle/moodle@3.1.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/56082?format=api", "purl": "pkg:composer/moodle/moodle@3.1.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/56083?format=api", "purl": "pkg:composer/moodle/moodle@3.3.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/56084?format=api", "purl": "pkg:composer/moodle/moodle@3.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/56085?format=api", "purl": "pkg:composer/moodle/moodle@3.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ecj2-c6rx-57a1" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vabw-g3da-bqbz" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3" } ], "aliases": [ "CVE-2018-16854", "GHSA-xj5f-qv37-r9jc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gtpy-dhmm-mufn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16194?format=api", "vulnerability_id": "VCID-gtup-bdtk-tbdu", "summary": "Improper Input Validation\nThe LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not properly restrict the parameters used in a return URL, which allows remote attackers to trigger the generation of arbitrary messages via a modified URL, related to mod/lti/locallib.php and mod/lti/return.php.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47927", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47927" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.60193", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9060" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/15bde5352bd4bdb54105c0fdfd956c9ca420e4c6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/15bde5352bd4bdb54105c0fdfd956c9ca420e4c6" }, { "reference_url": "https://github.com/moodle/moodle/commit/339c6eca3c881742178637cb41cc7ebbe4a3b6b0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/339c6eca3c881742178637cb41cc7ebbe4a3b6b0" }, { "reference_url": "https://github.com/moodle/moodle/commit/44e712e9b72a30c6bc01112040854e91f5758605", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/44e712e9b72a30c6bc01112040854e91f5758605" }, { "reference_url": "https://github.com/moodle/moodle/commit/edc89dfecb3f6891cea019baf2aecce51b3de41a", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/edc89dfecb3f6891cea019baf2aecce51b3de41a" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275165", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275165" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9060", "reference_id": "CVE-2014-9060", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9060" }, { "reference_url": "https://github.com/advisories/GHSA-c87j-9rrq-h3j8", "reference_id": "GHSA-c87j-9rrq-h3j8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c87j-9rrq-h3j8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-9060", "GHSA-c87j-9rrq-h3j8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gtup-bdtk-tbdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16060?format=api", "vulnerability_id": "VCID-h6xh-h89y-pbey", "summary": "Moodle Temporary Passwords are Brute Force-able\nThe generate_password function in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide a sufficient number of possible temporary passwords, which allows remote attackers to obtain access via a brute-force attack.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47050", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47050" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7845", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00712", "scoring_system": "epss", "scoring_elements": "0.72616", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7845" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/04f2e83ce76cf931e6614497c1a7cc6c8afb9454", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/04f2e83ce76cf931e6614497c1a7cc6c8afb9454" }, { "reference_url": "https://github.com/moodle/moodle/commit/3128901f99d41d9368e81ffc67f4bc0535221e02", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3128901f99d41d9368e81ffc67f4bc0535221e02" }, { "reference_url": "https://github.com/moodle/moodle/commit/40a04658232d898223462f84d8cd35510338acbe", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/40a04658232d898223462f84d8cd35510338acbe" }, { "reference_url": "https://github.com/moodle/moodle/commit/ece03f3b13c5eefa7bb008401b9414eed620eebc", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ece03f3b13c5eefa7bb008401b9414eed620eebc" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275152", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275152" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7845", "reference_id": "CVE-2014-7845", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7845" }, { "reference_url": "https://github.com/advisories/GHSA-9v64-447r-wch6", "reference_id": "GHSA-9v64-447r-wch6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9v64-447r-wch6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7845", "GHSA-9v64-447r-wch6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h6xh-h89y-pbey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13460?format=api", "vulnerability_id": "VCID-hurp-xp2w-wbcp", "summary": "Information Exposure\nThe `/userpix/` page did not escape users' full names, which are included as text when hovering over profile images. Note this page is not linked to by default and its access is restricted.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64372", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64372" }, { "reference_url": "http://packetstormsecurity.com/files/162399/Moodle-3.6.1-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/162399/Moodle-3.6.1-Cross-Site-Scripting.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08385", "scoring_system": "epss", "scoring_elements": "0.9244", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3810" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3810", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3810" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=381230#p1536767", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=381230#p1536767" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49814.txt", "reference_id": "CVE-2019-3810", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49814.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3810", "reference_id": "CVE-2019-3810", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3810" }, { "reference_url": "https://github.com/advisories/GHSA-wm4w-8vc6-2j4h", "reference_id": "GHSA-wm4w-8vc6-2j4h", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wm4w-8vc6-2j4h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/98023?format=api", "purl": "pkg:composer/moodle/moodle@3.1.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/56082?format=api", "purl": "pkg:composer/moodle/moodle@3.1.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/56636?format=api", "purl": "pkg:composer/moodle/moodle@3.1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/56084?format=api", "purl": "pkg:composer/moodle/moodle@3.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/56644?format=api", "purl": "pkg:composer/moodle/moodle@3.4.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/56085?format=api", "purl": "pkg:composer/moodle/moodle@3.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ecj2-c6rx-57a1" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vabw-g3da-bqbz" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/56645?format=api", "purl": "pkg:composer/moodle/moodle@3.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vabw-g3da-bqbz" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/56643?format=api", "purl": "pkg:composer/moodle/moodle@3.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1pfy-xmfx-quf8" }, { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vabw-g3da-bqbz" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/56646?format=api", "purl": "pkg:composer/moodle/moodle@3.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1pfy-xmfx-quf8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vabw-g3da-bqbz" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.2" } ], "aliases": [ "CVE-2019-3810", "GHSA-wm4w-8vc6-2j4h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hurp-xp2w-wbcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12086?format=api", "vulnerability_id": "VCID-j7ab-5rkp-yyeh", "summary": "Server-Side Request Forgery (SSRF)\nMoodle has Server Side Request Forgery in the `filepicker`.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/153766/Moodle-Filepicker-3.5.2-Server-Side-Request-Forgery.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/153766/Moodle-Filepicker-3.5.2-Server-Side-Request-Forgery.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1042", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12866", "scoring_system": "epss", "scoring_elements": "0.9416", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1042" }, { "reference_url": "https://github.com/moodle/moodle/commit/f1d1a60e0ac8549c08e66062f3cd0110e4a92e24", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f1d1a60e0ac8549c08e66062f3cd0110e4a92e24" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=364381", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=364381" }, { "reference_url": "https://web.archive.org/web/20210124134113/http://www.securityfocus.com/bid/102752", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124134113/http://www.securityfocus.com/bid/102752" }, { "reference_url": "http://www.securityfocus.com/bid/102752", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102752" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47177.txt", "reference_id": "CVE-2018-1042", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47177.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1042", "reference_id": "CVE-2018-1042", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1042" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53853?format=api", "purl": "pkg:composer/moodle/moodle@3.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/53854?format=api", "purl": "pkg:composer/moodle/moodle@3.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/53855?format=api", "purl": "pkg:composer/moodle/moodle@3.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-useh-xm73-zub8" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-vx5n-esff-fqew" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yq9c-xav3-e3bv" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/53865?format=api", "purl": "pkg:composer/moodle/moodle@3.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-useh-xm73-zub8" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-vx5n-esff-fqew" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yq9c-xav3-e3bv" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1" } ], "aliases": [ "CVE-2018-1042", "GHSA-qqjv-mc2v-p7mc" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j7ab-5rkp-yyeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12253?format=api", "vulnerability_id": "VCID-jrf4-ua1a-cfcr", "summary": "Improper Access Control\nUnauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was verified, otherwise admin email can be spammed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1081", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00927", "scoring_system": "epss", "scoring_elements": "0.76389", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1081" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-61392", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-61392" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=367938", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=367938" }, { "reference_url": "http://www.securityfocus.com/bid/103728", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/103728" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1081", "reference_id": "CVE-2018-1081", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1081" }, { "reference_url": "https://github.com/advisories/GHSA-v9xq-vh72-chr4", "reference_id": "GHSA-v9xq-vh72-chr4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v9xq-vh72-chr4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/98023?format=api", "purl": "pkg:composer/moodle/moodle@3.1.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/54281?format=api", "purl": "pkg:composer/moodle/moodle@3.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/54282?format=api", "purl": "pkg:composer/moodle/moodle@3.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/54283?format=api", "purl": "pkg:composer/moodle/moodle@3.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-useh-xm73-zub8" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yq9c-xav3-e3bv" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/54284?format=api", "purl": "pkg:composer/moodle/moodle@3.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-useh-xm73-zub8" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yq9c-xav3-e3bv" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.2" } ], "aliases": [ "CVE-2018-1081", "GHSA-v9xq-vh72-chr4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jrf4-ua1a-cfcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/136431?format=api", "vulnerability_id": "VCID-k249-a5wk-2fcs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10186", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59172", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10186" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=388567#p1566329", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=388567#p1566329" }, { "reference_url": "https://web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10186", "reference_id": "CVE-2019-10186", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10186" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142887?format=api", "purl": "pkg:composer/moodle/moodle@3.5.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/142888?format=api", "purl": "pkg:composer/moodle/moodle@3.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/142889?format=api", "purl": "pkg:composer/moodle/moodle@3.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-5n6q-kt6b-zfbc" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8ct-r1tq-tfdr" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gu1a-396c-7bgp" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u5tg-a91q-ckf3" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1" } ], "aliases": [ "CVE-2019-10186", "GHSA-wv9c-pfpm-4wc5" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k249-a5wk-2fcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16145?format=api", "vulnerability_id": "VCID-kh3d-k28s-7ua5", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nCross-site request forgery (CSRF) vulnerability in admin/registration/register.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allows remote attackers to hijack the authentication of administrators for requests that send statistics to an arbitrary hub URL.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51091", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51091" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5335", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21063", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5335" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/4bb9e1ad8af12b01499c68543e80f7c12fd557ea", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4bb9e1ad8af12b01499c68543e80f7c12fd557ea" }, { "reference_url": "https://github.com/moodle/moodle/commit/77e072ebec68ba685551b886b71054d1feae6c94", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/77e072ebec68ba685551b886b71054d1feae6c94" }, { "reference_url": "https://github.com/moodle/moodle/commit/7bf5c6a542efa113dbb241a113cb6079f0572443", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7bf5c6a542efa113dbb241a113cb6079f0572443" }, { "reference_url": "https://github.com/moodle/moodle/commit/a1168a7427f8fa1926a771fe8e6d10aeb6689686", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a1168a7427f8fa1926a771fe8e6d10aeb6689686" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=323230", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=323230" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5335", "reference_id": "CVE-2015-5335", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5335" }, { "reference_url": "https://github.com/advisories/GHSA-hpmv-wvq3-gj27", "reference_id": "GHSA-hpmv-wvq3-gj27", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hpmv-wvq3-gj27" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51497?format=api", "purl": "pkg:composer/moodle/moodle@2.7.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51487?format=api", "purl": "pkg:composer/moodle/moodle@2.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/51489?format=api", "purl": "pkg:composer/moodle/moodle@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.3" } ], "aliases": [ "CVE-2015-5335", "GHSA-hpmv-wvq3-gj27" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kh3d-k28s-7ua5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16175?format=api", "vulnerability_id": "VCID-km7q-tdk1-efh5", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\ncalendar/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 provides calendar-event data without considering whether an activity is hidden, which allows remote authenticated users to obtain sensitive information via a web-service request.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52808", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52808" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2156", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53815", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2156" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/39b851376337b853c8d403dcba64645d16f0a9bd", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/39b851376337b853c8d403dcba64645d16f0a9bd" }, { "reference_url": "https://github.com/moodle/moodle/commit/783e695e00689d67925d6f83722d344c0bd6de94", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/783e695e00689d67925d6f83722d344c0bd6de94" }, { "reference_url": "https://github.com/moodle/moodle/commit/854e7b8ed0a84eb91ca455ca290427d22bc20baf", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/854e7b8ed0a84eb91ca455ca290427d22bc20baf" }, { "reference_url": "https://github.com/moodle/moodle/commit/c631b112d6e729c84f5d559371a399fe54502ba3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c631b112d6e729c84f5d559371a399fe54502ba3" }, { "reference_url": "https://github.com/moodle/moodle/commit/d63ac148b95e5f909618e75efd76f6b5032da158", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d63ac148b95e5f909618e75efd76f6b5032da158" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=330178", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=330178" }, { "reference_url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2156", "reference_id": "CVE-2016-2156", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2156" }, { "reference_url": "https://github.com/advisories/GHSA-h8vc-v44p-5r2q", "reference_id": "GHSA-h8vc-v44p-5r2q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h8vc-v44p-5r2q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51641?format=api", "purl": "pkg:composer/moodle/moodle@2.7.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/51642?format=api", "purl": "pkg:composer/moodle/moodle@2.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51643?format=api", "purl": "pkg:composer/moodle/moodle@2.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/51644?format=api", "purl": "pkg:composer/moodle/moodle@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3" } ], "aliases": [ "CVE-2016-2156", "GHSA-h8vc-v44p-5r2q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-km7q-tdk1-efh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16081?format=api", "vulnerability_id": "VCID-knb4-t5gz-ekh1", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nlib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47287", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47287" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7848", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.60193", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7848" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0baf9763636aa4158a45ef2b539d2df0aa0bbd53", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0baf9763636aa4158a45ef2b539d2df0aa0bbd53" }, { "reference_url": "https://github.com/moodle/moodle/commit/1993cc02b6b05f45ff1776813567c6b3f91480f4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1993cc02b6b05f45ff1776813567c6b3f91480f4" }, { "reference_url": "https://github.com/moodle/moodle/commit/84baa6b1417328ef7e4085d0112acc57167d15e4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/84baa6b1417328ef7e4085d0112acc57167d15e4" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275160", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275160" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7848", "reference_id": "CVE-2014-7848", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7848" }, { "reference_url": "https://github.com/advisories/GHSA-47cw-whh9-j2fq", "reference_id": "GHSA-47cw-whh9-j2fq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-47cw-whh9-j2fq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7848", "GHSA-47cw-whh9-j2fq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-knb4-t5gz-ekh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15980?format=api", "vulnerability_id": "VCID-kxfu-3yzg-pqdt", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in the advanced-grading implementation in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) qualification or (2) rating field in a rubric.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46223", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46223" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48566", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3551" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1f8eb0842835bcd1ea72b2d2982e0b5c8bc133bb", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1f8eb0842835bcd1ea72b2d2982e0b5c8bc133bb" }, { "reference_url": "https://github.com/moodle/moodle/commit/2c0b608cda12540de79aac0ee6952dda2c8ed947", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2c0b608cda12540de79aac0ee6952dda2c8ed947" }, { "reference_url": "https://github.com/moodle/moodle/commit/470a466d7f1e0aef030ad2178bbef5a81765c42e", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/470a466d7f1e0aef030ad2178bbef5a81765c42e" }, { "reference_url": "https://github.com/moodle/moodle/commit/4fc5861cbacdc2f4197faebd3d207d2811e0f09f", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4fc5861cbacdc2f4197faebd3d207d2811e0f09f" }, { "reference_url": "https://github.com/moodle/moodle/commit/555ee08b17dfe09e02391be137f60fe38c0a7865", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/555ee08b17dfe09e02391be137f60fe38c0a7865" }, { "reference_url": "https://github.com/moodle/moodle/commit/666248c264642e5ca27601b347fc6913517e2853", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/666248c264642e5ca27601b347fc6913517e2853" }, { "reference_url": "https://github.com/moodle/moodle/commit/68299e6154ae41b7e586904fd1b860cad7f65654", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/68299e6154ae41b7e586904fd1b860cad7f65654" }, { "reference_url": "https://github.com/moodle/moodle/commit/72d1a3ab0b002a9a5f32f3c2b61ffc9fa7f7b789", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/72d1a3ab0b002a9a5f32f3c2b61ffc9fa7f7b789" }, { "reference_url": "https://github.com/moodle/moodle/commit/7f4db6f4d9014370df0265ab846ad76235af0cae", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7f4db6f4d9014370df0265ab846ad76235af0cae" }, { "reference_url": "https://github.com/moodle/moodle/commit/8380722bb11f36d33308580aee169e161d3f2c14", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8380722bb11f36d33308580aee169e161d3f2c14" }, { "reference_url": "https://github.com/moodle/moodle/commit/8ecc049f7f020086c1881bdf573af16cf2d9f9c9", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8ecc049f7f020086c1881bdf573af16cf2d9f9c9" }, { "reference_url": "https://github.com/moodle/moodle/commit/98d5566c2270e21cbfaf1f4e8d61039f05d6aae2", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/98d5566c2270e21cbfaf1f4e8d61039f05d6aae2" }, { "reference_url": "https://github.com/moodle/moodle/commit/b5dacb548800ee10d4940c8ebeca48c3c2ae0512", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b5dacb548800ee10d4940c8ebeca48c3c2ae0512" }, { "reference_url": "https://github.com/moodle/moodle/commit/db5a6e6560c963849f8807184ca32efee6779264", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/db5a6e6560c963849f8807184ca32efee6779264" }, { "reference_url": "https://github.com/moodle/moodle/commit/e42b6e20bdd5d6f09bc09be22fd7f20736e27085", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e42b6e20bdd5d6f09bc09be22fd7f20736e27085" }, { "reference_url": "https://github.com/moodle/moodle/commit/eb1381de1dbcce0215dcdd62cfac4fe287beed4e", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/eb1381de1dbcce0215dcdd62cfac4fe287beed4e" }, { "reference_url": "https://github.com/moodle/moodle/commit/f25f472be425d6ef8aa587648dafda1bd4d1c5d8", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f25f472be425d6ef8aa587648dafda1bd4d1c5d8" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264273", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=264273" }, { "reference_url": "https://web.archive.org/web/20200228170658/http://www.securityfocus.com/bid/68763", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228170658/http://www.securityfocus.com/bid/68763" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3551", "reference_id": "CVE-2014-3551", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3551" }, { "reference_url": "https://github.com/advisories/GHSA-m8f5-9wg8-2c3h", "reference_id": "GHSA-m8f5-9wg8-2c3h", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m8f5-9wg8-2c3h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60960?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/60961?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3551", "GHSA-m8f5-9wg8-2c3h" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kxfu-3yzg-pqdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/141705?format=api", "vulnerability_id": "VCID-kys8-9mu7-w7dn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0044", "scoring_system": "epss", "scoring_elements": "0.63451", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18210" }, { "reference_url": "https://docs.moodle.org/38/en/Teacher_role", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.moodle.org/38/en/Teacher_role" }, { "reference_url": "https://gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18210", "reference_id": "CVE-2019-18210", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18210" }, { "reference_url": "https://github.com/advisories/GHSA-q6vw-27c6-jv9c", "reference_id": "GHSA-q6vw-27c6-jv9c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q6vw-27c6-jv9c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/154941?format=api", "purl": "pkg:composer/moodle/moodle@3.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8ct-r1tq-tfdr" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gu1a-396c-7bgp" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u5tg-a91q-ckf3" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.3" } ], "aliases": [ "CVE-2019-18210", "GHSA-q6vw-27c6-jv9c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kys8-9mu7-w7dn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15916?format=api", "vulnerability_id": "VCID-m7k1-7r22-ffds", "summary": "Cross-Site Request Forgery (CSRF)\nCross-site request forgery (CSRF) vulnerability in auth/shibboleth/logout.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47964", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47964" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/01/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/01/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31513", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0218" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/371d58d70d4ef866f35e33ea6898007112bfe654", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/371d58d70d4ef866f35e33ea6898007112bfe654" }, { "reference_url": "https://github.com/moodle/moodle/commit/693918c30e6b7c95dddd9c5973f98d98342a59d9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/693918c30e6b7c95dddd9c5973f98d98342a59d9" }, { "reference_url": "https://github.com/moodle/moodle/commit/b82b4c562b705ea8f11893d9126889bb696b9612", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b82b4c562b705ea8f11893d9126889bb696b9612" }, { "reference_url": "https://github.com/moodle/moodle/commit/fb60e23a67931eeba8fc9aacf3cc838e462f21f2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fb60e23a67931eeba8fc9aacf3cc838e462f21f2" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=278618", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=278618" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0218", "reference_id": "CVE-2015-0218", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0218" }, { "reference_url": "https://github.com/advisories/GHSA-5jph-mvfm-r27p", "reference_id": "GHSA-5jph-mvfm-r27p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5jph-mvfm-r27p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61064?format=api", "purl": "pkg:composer/moodle/moodle@2.6.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/61065?format=api", "purl": "pkg:composer/moodle/moodle@2.7.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/61066?format=api", "purl": "pkg:composer/moodle/moodle@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2" } ], "aliases": [ "CVE-2015-0218", "GHSA-5jph-mvfm-r27p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m7k1-7r22-ffds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16187?format=api", "vulnerability_id": "VCID-md9r-mr42-1ydb", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nenrol/index.php in Moodle 2.6.x before 2.6.3 does not check for the moodle/course:viewhiddencourses capability before listing hidden courses, which allows remote attackers to obtain sensitive name and summary information about these courses by leveraging the guest role and visiting a crafted URL.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45126", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45126" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/05/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/05/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51889", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0217" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/eaea796e70f6630494d3772684604ab6e907f4ac", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/eaea796e70f6630494d3772684604ab6e907f4ac" }, { "reference_url": "https://github.com/moodle/moodle/commit/fcf199e7a13e453bfe3855c6946e8357fcbdef92", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fcf199e7a13e453bfe3855c6946e8357fcbdef92" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=260365", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=260365" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0217", "reference_id": "CVE-2014-0217", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0217" }, { "reference_url": "https://github.com/advisories/GHSA-c3vx-v4x8-x894", "reference_id": "GHSA-c3vx-v4x8-x894", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c3vx-v4x8-x894" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61099?format=api", "purl": "pkg:composer/moodle/moodle@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.3" } ], "aliases": [ "CVE-2014-0217", "GHSA-c3vx-v4x8-x894" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-md9r-mr42-1ydb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16170?format=api", "vulnerability_id": "VCID-mgk6-79z4-u3g5", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nThe core_enrol_get_enrolled_users web service in enrol/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly implement group-based access restrictions, which allows remote authenticated users to obtain sensitive course-participant information via a web-service request.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51861", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51861" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36503", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5339" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/12bc713081dc24b6eedea54281876e7c3f5579a6", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/12bc713081dc24b6eedea54281876e7c3f5579a6" }, { "reference_url": "https://github.com/moodle/moodle/commit/512633461ae239677342b40d318803e15e1fd1aa", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/512633461ae239677342b40d318803e15e1fd1aa" }, { "reference_url": "https://github.com/moodle/moodle/commit/b26b2407908abb1a8a4d37aebc18e03139c9776f", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b26b2407908abb1a8a4d37aebc18e03139c9776f" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=323234", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=323234" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5339", "reference_id": "CVE-2015-5339", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5339" }, { "reference_url": "https://github.com/advisories/GHSA-gmhr-6f43-7qpj", "reference_id": "GHSA-gmhr-6f43-7qpj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gmhr-6f43-7qpj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51497?format=api", "purl": "pkg:composer/moodle/moodle@2.7.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51487?format=api", "purl": "pkg:composer/moodle/moodle@2.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/51489?format=api", "purl": "pkg:composer/moodle/moodle@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.3" } ], "aliases": [ "CVE-2015-5339", "GHSA-gmhr-6f43-7qpj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mgk6-79z4-u3g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14791?format=api", "vulnerability_id": "VCID-mkuq-tdbg-t3ce", "summary": "Cross-Site Request Forgery (CSRF)\nThe `delete badge alignment` functionality does not include the necessary token check to prevent a CSRF risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0335", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28916", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0335" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043666", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043666" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/d40cc61eba229c6d1f47b9a525022fbc9136b9f6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d40cc61eba229c6d1f47b9a525022fbc9136b9f6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=431103", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=431103" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0335", "reference_id": "CVE-2022-0335", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0335" }, { "reference_url": "https://github.com/advisories/GHSA-xpfv-89vg-r562", "reference_id": "GHSA-xpfv-89vg-r562", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xpfv-89vg-r562" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78814?format=api", "purl": "pkg:composer/moodle/moodle@3.9.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/58599?format=api", "purl": "pkg:composer/moodle/moodle@3.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/59248?format=api", "purl": "pkg:composer/moodle/moodle@3.9.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/58600?format=api", "purl": "pkg:composer/moodle/moodle@3.10.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/59249?format=api", "purl": "pkg:composer/moodle/moodle@3.10.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-7zmr-qupd-4fg6" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/59244?format=api", "purl": "pkg:composer/moodle/moodle@3.11.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wmaz-p29k-kuh8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.5" } ], "aliases": [ "CVE-2022-0335", "GHSA-xpfv-89vg-r562" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mkuq-tdbg-t3ce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16065?format=api", "vulnerability_id": "VCID-mnvd-crhn-fyc3", "summary": "Moodle Arbitrary Redirect\nMultiple open redirect vulnerabilities in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an error page that links to a URL from an HTTP Referer header.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49179", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49179" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/05/18/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/05/18/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3175", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.61008", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3175" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/b2687a055dc990ca86ddce178d5aee3fb1df644a", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b2687a055dc990ca86ddce178d5aee3fb1df644a" }, { "reference_url": "https://github.com/moodle/moodle/commit/db200a8e9f88c8c4a2141ac264062dca74ee2f29", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/db200a8e9f88c8c4a2141ac264062dca74ee2f29" }, { "reference_url": "https://github.com/moodle/moodle/commit/dd0607b7bbaff38cc62e4d00658c02da3fdbb4c8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dd0607b7bbaff38cc62e4d00658c02da3fdbb4c8" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=313682", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=313682" }, { "reference_url": "https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358" }, { "reference_url": "https://web.archive.org/web/20210122155902/http://www.securityfocus.com/bid/74720", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210122155902/http://www.securityfocus.com/bid/74720" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3175", "reference_id": "CVE-2015-3175", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3175" }, { "reference_url": "https://github.com/advisories/GHSA-h798-h7ff-93xv", "reference_id": "GHSA-h798-h7ff-93xv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h798-h7ff-93xv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51495?format=api", "purl": "pkg:composer/moodle/moodle@2.6.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/61182?format=api", "purl": "pkg:composer/moodle/moodle@2.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61183?format=api", "purl": "pkg:composer/moodle/moodle@2.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.6" } ], "aliases": [ "CVE-2015-3175", "GHSA-h798-h7ff-93xv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mnvd-crhn-fyc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10936?format=api", "vulnerability_id": "VCID-n2sv-d47m-rkar", "summary": "Insertion of Sensitive Information into Log File\nMoodle does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52651", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52651" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2190", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63358", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2190" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1688564a6eee6000013f6e185f704049283ae375", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1688564a6eee6000013f6e185f704049283ae375" }, { "reference_url": "https://github.com/moodle/moodle/commit/190757854d9ce3b3ce3100dc76de54277f3bdd14", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/190757854d9ce3b3ce3100dc76de54277f3bdd14" }, { "reference_url": "https://github.com/moodle/moodle/commit/314d105c169c67e3ce750f76b21d99983d4a9ff5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/314d105c169c67e3ce750f76b21d99983d4a9ff5" }, { "reference_url": "https://github.com/moodle/moodle/commit/4d6f159f681882496e05ddacf2561929d2d23f0e", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4d6f159f681882496e05ddacf2561929d2d23f0e" }, { "reference_url": "https://github.com/moodle/moodle/commit/9f91c23536a31ba2dc91b0ba2ae726b1757a20cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/9f91c23536a31ba2dc91b0ba2ae726b1757a20cb" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=330181", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=330181" }, { "reference_url": "https://web.archive.org/web/20210801130148/http://www.securitytracker.com/id/1035333", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210801130148/http://www.securitytracker.com/id/1035333" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2190", "reference_id": "CVE-2016-2190", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2190" }, { "reference_url": "https://github.com/advisories/GHSA-r9pc-g29w-f86j", "reference_id": "GHSA-r9pc-g29w-f86j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r9pc-g29w-f86j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94776?format=api", "purl": "pkg:composer/moodle/moodle@2.7.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/51641?format=api", "purl": "pkg:composer/moodle/moodle@2.7.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/51642?format=api", "purl": "pkg:composer/moodle/moodle@2.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51643?format=api", "purl": "pkg:composer/moodle/moodle@2.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/51644?format=api", "purl": "pkg:composer/moodle/moodle@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3" } ], "aliases": [ "CVE-2016-2190", "GHSA-r9pc-g29w-f86j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n2sv-d47m-rkar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16029?format=api", "vulnerability_id": "VCID-n915-tsbu-k3e6", "summary": "Moodle allows attackers to cause a denial of service\niplookup/index.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote attackers to cause a denial of service (resource consumption) by triggering the calculation of an estimated latitude and longitude for an IP address.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47321", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47321" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.73065", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7847" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/324b018bbce2f56198fe8808968bad6c8798710a", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/324b018bbce2f56198fe8808968bad6c8798710a" }, { "reference_url": "https://github.com/moodle/moodle/commit/35a60cbb382d78ddb9d54c772816db4c5007ca7e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/35a60cbb382d78ddb9d54c772816db4c5007ca7e" }, { "reference_url": "https://github.com/moodle/moodle/commit/6ec47a64acf8576916c20dcbb436b0ae41a63440", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/6ec47a64acf8576916c20dcbb436b0ae41a63440" }, { "reference_url": "https://github.com/moodle/moodle/commit/eb46bf2f4e80f4421255f6aee00b73448ba582a7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/eb46bf2f4e80f4421255f6aee00b73448ba582a7" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275158", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275158" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7847", "reference_id": "CVE-2014-7847", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7847" }, { "reference_url": "https://github.com/advisories/GHSA-6vjg-2q57-rgfw", "reference_id": "GHSA-6vjg-2q57-rgfw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6vjg-2q57-rgfw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7847", "GHSA-6vjg-2q57-rgfw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n915-tsbu-k3e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13472?format=api", "vulnerability_id": "VCID-nbpz-vdd1-w3ae", "summary": "Improper Input Validation\nUsers with the \"login as other users\" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75475", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3847" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3847", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3847" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/070f24d006eab6b958eb083530de159b43c538ed", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/070f24d006eab6b958eb083530de159b43c538ed" }, { "reference_url": "https://github.com/moodle/moodle/commit/93dda3bfd3caaaa8d23fe8ede543f27ef774958d", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/93dda3bfd3caaaa8d23fe8ede543f27ef774958d" }, { "reference_url": "https://github.com/moodle/moodle/commit/a37e26d2efe1ca0e4d8d69c611a748af35b33674", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a37e26d2efe1ca0e4d8d69c611a748af35b33674" }, { "reference_url": "https://github.com/moodle/moodle/commit/e836242e1c04cd62d0afa4a790074fd245628e7a", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e836242e1c04cd62d0afa4a790074fd245628e7a" }, { "reference_url": "https://github.com/moodle/moodle/commit/ec3b63c772d6448765c68268234cf36c1a91bcac", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ec3b63c772d6448765c68268234cf36c1a91bcac" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=384010#p1547742", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=384010#p1547742" }, { "reference_url": "https://web.archive.org/web/20200227082922/http://www.securityfocus.com/bid/107489", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227082922/http://www.securityfocus.com/bid/107489" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3847", "reference_id": "CVE-2019-3847", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3847" }, { "reference_url": "https://github.com/advisories/GHSA-qrcj-6fjw-3h9h", "reference_id": "GHSA-qrcj-6fjw-3h9h", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qrcj-6fjw-3h9h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56665?format=api", "purl": "pkg:composer/moodle/moodle@3.1.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/56661?format=api", "purl": "pkg:composer/moodle/moodle@3.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/56659?format=api", "purl": "pkg:composer/moodle/moodle@3.5.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/56660?format=api", "purl": "pkg:composer/moodle/moodle@3.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3" } ], "aliases": [ "CVE-2019-3847", "GHSA-qrcj-6fjw-3h9h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nbpz-vdd1-w3ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16240?format=api", "vulnerability_id": "VCID-nhpx-rrw3-ekhq", "summary": "Cross-Site Request Forgery (CSRF)\nMultiple cross-site request forgery (CSRF) vulnerabilities in the lesson module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote attackers to hijack the authentication of arbitrary users for requests to (1) mod/lesson/mediafile.php or (2) mod/lesson/view.php.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48109", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48109" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30319", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5338" }, { "reference_url": "https://github.com/moodle/moodle/commit/541c5b8552e0162010d0259c90a04eb63e875958", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/541c5b8552e0162010d0259c90a04eb63e875958" }, { "reference_url": "https://github.com/moodle/moodle/commit/817cae1ac7ca748ba368439a40ef67d555774485", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/817cae1ac7ca748ba368439a40ef67d555774485" }, { "reference_url": "https://github.com/moodle/moodle/commit/dcb42c9ed13b0c0ec2dde22b62ef69772d7725e6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dcb42c9ed13b0c0ec2dde22b62ef69772d7725e6" }, { "reference_url": "https://github.com/moodle/moodle/commit/f75333766c7295932baa72a9dbe9542baf14e107", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f75333766c7295932baa72a9dbe9542baf14e107" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=323233", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=323233" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5338", "reference_id": "CVE-2015-5338", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5338" }, { "reference_url": "https://github.com/advisories/GHSA-v33x-q8gh-4x42", "reference_id": "GHSA-v33x-q8gh-4x42", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v33x-q8gh-4x42" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51497?format=api", "purl": "pkg:composer/moodle/moodle@2.7.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51487?format=api", "purl": "pkg:composer/moodle/moodle@2.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/51489?format=api", "purl": "pkg:composer/moodle/moodle@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.3" } ], "aliases": [ "CVE-2015-5338", "GHSA-v33x-q8gh-4x42" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhpx-rrw3-ekhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16264?format=api", "vulnerability_id": "VCID-nkvn-u8eg-7ufn", "summary": "Cross-Site Request Forgery (CSRF)\nMultiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allow remote attackers to hijack the authentication of teachers for quick-grading requests.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44606", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44606" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/05/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/05/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0213", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31513", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0213" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0cd720fe512d48c2af81fc054c042c9c63e8a234", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0cd720fe512d48c2af81fc054c042c9c63e8a234" }, { "reference_url": "https://github.com/moodle/moodle/commit/436ef91ceb3cedfbf7297cb9e09ef69c0b323d77", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/436ef91ceb3cedfbf7297cb9e09ef69c0b323d77" }, { "reference_url": "https://github.com/moodle/moodle/commit/a57eacc114ee8e5423102000c9954f66f03ffeb2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a57eacc114ee8e5423102000c9954f66f03ffeb2" }, { "reference_url": "https://github.com/moodle/moodle/commit/f977d376c936ba09872884dc822463e76f6cfeb6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f977d376c936ba09872884dc822463e76f6cfeb6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=260361", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=260361" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0213", "reference_id": "CVE-2014-0213", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0213" }, { "reference_url": "https://github.com/advisories/GHSA-h75f-hjcr-cvh8", "reference_id": "GHSA-h75f-hjcr-cvh8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h75f-hjcr-cvh8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61099?format=api", "purl": "pkg:composer/moodle/moodle@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.3" } ], "aliases": [ "CVE-2014-0213", "GHSA-h75f-hjcr-cvh8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nkvn-u8eg-7ufn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16112?format=api", "vulnerability_id": "VCID-p5fy-mtan-ykgy", "summary": "Moodle allows attackers to remove wiki pages\nmod/wiki/admin.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to remove wiki pages by leveraging delete access within a different subwiki.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47949", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47949" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7837", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69996", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7837" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/a481e32f02cdabd2b76aaa06d1d513ffe480e71b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a481e32f02cdabd2b76aaa06d1d513ffe480e71b" }, { "reference_url": "https://github.com/moodle/moodle/commit/a866ad40beb1c1d7faca2da9c3cbad2dcf6fa32b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a866ad40beb1c1d7faca2da9c3cbad2dcf6fa32b" }, { "reference_url": "https://github.com/moodle/moodle/commit/dc003ed98e47174a2a4c349f187265a383a386c0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dc003ed98e47174a2a4c349f187265a383a386c0" }, { "reference_url": "https://github.com/moodle/moodle/commit/e2a8ac6b1103167d6786cb1801703c2c0f8467ca", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e2a8ac6b1103167d6786cb1801703c2c0f8467ca" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275163", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275163" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7837", "reference_id": "CVE-2014-7837", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7837" }, { "reference_url": "https://github.com/advisories/GHSA-p3hj-cfhm-7g6v", "reference_id": "GHSA-p3hj-cfhm-7g6v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p3hj-cfhm-7g6v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7837", "GHSA-p3hj-cfhm-7g6v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p5fy-mtan-ykgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15978?format=api", "vulnerability_id": "VCID-q36b-zyxf-k3cz", "summary": "Improper Control of Generation of Code ('Code Injection')\nThe Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via serialized data associated with an add-on.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45616", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45616" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01935", "scoring_system": "epss", "scoring_elements": "0.8371", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3541" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/3fe105953d14766393e24372806fcf0a2b77c96d", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3fe105953d14766393e24372806fcf0a2b77c96d" }, { "reference_url": "https://github.com/moodle/moodle/commit/40d52d4067c2ee062a5b16c780753c6f97413894", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/40d52d4067c2ee062a5b16c780753c6f97413894" }, { "reference_url": "https://github.com/moodle/moodle/commit/5c4ef26c39d3106315f74c26cdcca779ba74254c", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5c4ef26c39d3106315f74c26cdcca779ba74254c" }, { "reference_url": "https://github.com/moodle/moodle/commit/61961447c29d48e5a494e7c02e653d6ff00551b2", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/61961447c29d48e5a494e7c02e653d6ff00551b2" }, { "reference_url": "https://github.com/moodle/moodle/commit/68170f0b01ccaade799c4cab2312ce6a825fb844", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/68170f0b01ccaade799c4cab2312ce6a825fb844" }, { "reference_url": "https://github.com/moodle/moodle/commit/7bcf9b1e2cbdd1e877b828da75b17e3f8318fafc", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7bcf9b1e2cbdd1e877b828da75b17e3f8318fafc" }, { "reference_url": "https://github.com/moodle/moodle/commit/867f40990bde6152e01604d106ddac8433018f42", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/867f40990bde6152e01604d106ddac8433018f42" }, { "reference_url": "https://github.com/moodle/moodle/commit/cb2b42aed8d9ce3c9840ad825f2e0e7e81bfad91", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/cb2b42aed8d9ce3c9840ad825f2e0e7e81bfad91" }, { "reference_url": "https://github.com/moodle/moodle/commit/e29bb97c0756de511ba287b40790d8275a991d33", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e29bb97c0756de511ba287b40790d8275a991d33" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264262", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=264262" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3541", "reference_id": "CVE-2014-3541", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3541" }, { "reference_url": "https://github.com/advisories/GHSA-fccf-p8fx-vjj4", "reference_id": "GHSA-fccf-p8fx-vjj4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fccf-p8fx-vjj4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60960?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/60961?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3541", "GHSA-fccf-p8fx-vjj4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q36b-zyxf-k3cz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13468?format=api", "vulnerability_id": "VCID-qnn9-5vhh-nkd8", "summary": "Information Exposure\nPermissions were not correctly checked before loading event information into the calendar's edit event modal popup, so logged in non-guest users could view unauthorised calendar events.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3848", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32503", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3848" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3848", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3848" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=384011#p1547743", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=384011#p1547743" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3848", "reference_id": "CVE-2019-3848", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3848" }, { "reference_url": "https://github.com/advisories/GHSA-45rw-4r25-jvg7", "reference_id": "GHSA-45rw-4r25-jvg7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-45rw-4r25-jvg7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56661?format=api", "purl": "pkg:composer/moodle/moodle@3.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/56659?format=api", "purl": "pkg:composer/moodle/moodle@3.5.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/56660?format=api", "purl": "pkg:composer/moodle/moodle@3.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3" } ], "aliases": [ "CVE-2019-3848", "GHSA-45rw-4r25-jvg7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qnn9-5vhh-nkd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15945?format=api", "vulnerability_id": "VCID-qrgw-76u1-kfbt", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in lib/javascript-static.js in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) alt or (2) title attribute in an IMG element.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49144", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49144" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/03/16/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/03/16/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2269", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67715", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2269" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/ead8b28f92da72fb836cf9183aaf6f11a7eb1a21", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ead8b28f92da72fb836cf9183aaf6f11a7eb1a21" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=307383", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=307383" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2269", "reference_id": "CVE-2015-2269", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2269" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/36418.txt", "reference_id": "CVE-2015-2269;OSVDB-119617", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/36418.txt" }, { "reference_url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5236.php", "reference_id": "CVE-2015-2269;OSVDB-119617", "reference_type": "exploit", "scores": [], "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5236.php" }, { "reference_url": "https://github.com/advisories/GHSA-cp39-43xr-2wrp", "reference_id": "GHSA-cp39-43xr-2wrp", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cp39-43xr-2wrp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61020?format=api", "purl": "pkg:composer/moodle/moodle@2.6.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/61021?format=api", "purl": "pkg:composer/moodle/moodle@2.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/61022?format=api", "purl": "pkg:composer/moodle/moodle@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.4" } ], "aliases": [ "CVE-2015-2269", "GHSA-cp39-43xr-2wrp" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qrgw-76u1-kfbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16235?format=api", "vulnerability_id": "VCID-qugr-tdyt-zfd7", "summary": "Improper Access Control\nmdeploy.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass intended access restrictions and extract archives to arbitrary directories via a crafted dataroot value.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49087", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49087" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/03/16/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/03/16/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40674", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2267" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/12a8fcb5e45c58ee8267ad0472852c2b80a19878", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/12a8fcb5e45c58ee8267ad0472852c2b80a19878" }, { "reference_url": "https://github.com/moodle/moodle/commit/240e7be7341afa31096fdbf3f242a7966f6237ab", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/240e7be7341afa31096fdbf3f242a7966f6237ab" }, { "reference_url": "https://github.com/moodle/moodle/commit/4475f1e478370fb97933127ec60e40f39e285da1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4475f1e478370fb97933127ec60e40f39e285da1" }, { "reference_url": "https://github.com/moodle/moodle/commit/76da7e9bc88669eab62f83f04639ba356a0b0c5a", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/76da7e9bc88669eab62f83f04639ba356a0b0c5a" }, { "reference_url": "https://github.com/moodle/moodle/commit/83866c3c2a5b1391317172eea0b4f017c6d142d2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/83866c3c2a5b1391317172eea0b4f017c6d142d2" }, { "reference_url": "https://github.com/moodle/moodle/commit/84f9f60b67e1e20058fbe2afa473607d075aff63", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/84f9f60b67e1e20058fbe2afa473607d075aff63" }, { "reference_url": "https://github.com/moodle/moodle/commit/8d9bdd28e049ca6b6b2a4ab8f142097c2f907df6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8d9bdd28e049ca6b6b2a4ab8f142097c2f907df6" }, { "reference_url": "https://github.com/moodle/moodle/commit/a47aabc7833d0c88a83791d99a1204742c33f59b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a47aabc7833d0c88a83791d99a1204742c33f59b" }, { "reference_url": "https://github.com/moodle/moodle/commit/c353a6202658f320096a41e94494063393153b7f", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c353a6202658f320096a41e94494063393153b7f" }, { "reference_url": "https://github.com/moodle/moodle/commit/de169b7944e36d374d55e3f396d90ab2b4303afb", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/de169b7944e36d374d55e3f396d90ab2b4303afb" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=307381", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=307381" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2267", "reference_id": "CVE-2015-2267", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2267" }, { "reference_url": "https://github.com/advisories/GHSA-cm4r-58pj-h2ph", "reference_id": "GHSA-cm4r-58pj-h2ph", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cm4r-58pj-h2ph" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61020?format=api", "purl": "pkg:composer/moodle/moodle@2.6.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/61021?format=api", "purl": "pkg:composer/moodle/moodle@2.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/61022?format=api", "purl": "pkg:composer/moodle/moodle@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.4" } ], "aliases": [ "CVE-2015-2267", "GHSA-cm4r-58pj-h2ph" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qugr-tdyt-zfd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15952?format=api", "vulnerability_id": "VCID-qzb9-n64b-eqat", "summary": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\nDirectory traversal vulnerability in the min_get_slash_argument function in lib/configonlylib.php in Moodle through 2.5.9, 2.6.x before 2.6.8, 2.7.x before 2.7.5, and 2.8.x before 2.8.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter, as demonstrated by reading PHP scripts.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=af9a7937cc085f96bdbc4724cadec6eeae0242fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=af9a7937cc085f96bdbc4724cadec6eeae0242fc" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48980", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48980" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/02/04/15", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/02/04/15" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/02/09/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/02/09/2" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71555", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1493" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0289be1321babfa588fb5b18ebb08a296eed9eee", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0289be1321babfa588fb5b18ebb08a296eed9eee" }, { "reference_url": "https://github.com/moodle/moodle/commit/a72f2cca7f08c354c18a3923c3f05eee50bdd434", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a72f2cca7f08c354c18a3923c3f05eee50bdd434" }, { "reference_url": "https://github.com/moodle/moodle/commit/af9a7937cc085f96bdbc4724cadec6eeae0242fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/af9a7937cc085f96bdbc4724cadec6eeae0242fc" }, { "reference_url": "https://github.com/moodle/moodle/commit/cc496f5b27d36a8df4bcede997a484eb9719363b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/cc496f5b27d36a8df4bcede997a484eb9719363b" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=279956", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=279956" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1493", "reference_id": "CVE-2015-1493", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1493" }, { "reference_url": "https://github.com/advisories/GHSA-gphj-63h8-r9vq", "reference_id": "GHSA-gphj-63h8-r9vq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gphj-63h8-r9vq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61150?format=api", "purl": "pkg:composer/moodle/moodle@2.6.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61151?format=api", "purl": "pkg:composer/moodle/moodle@2.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/61152?format=api", "purl": "pkg:composer/moodle/moodle@2.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.3" } ], "aliases": [ "CVE-2015-1493", "GHSA-gphj-63h8-r9vq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qzb9-n64b-eqat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16118?format=api", "vulnerability_id": "VCID-r56k-xmgn-wbh5", "summary": "Cross-Site Request Forgery (CSRF)\nMultiple cross-site request forgery (CSRF) vulnerabilities in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for a (1) mod/lti/request_tool.php or (2) mod/lti/instructor_edit_tool_type.php request.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47924", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47924" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38482", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7836" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/48ea41c48f3dcf28fb40fe0b0a1f0c4c0453d34d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/48ea41c48f3dcf28fb40fe0b0a1f0c4c0453d34d" }, { "reference_url": "https://github.com/moodle/moodle/commit/75d7e25198eeb6255963e2e46212d89b14e05dd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/75d7e25198eeb6255963e2e46212d89b14e05dd7" }, { "reference_url": "https://github.com/moodle/moodle/commit/babaf596e10ee525e58314b36f8063c65b59aa7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/babaf596e10ee525e58314b36f8063c65b59aa7d" }, { "reference_url": "https://github.com/moodle/moodle/commit/bac38b11ab95862a831c6e6e60c03caf64eda599", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/bac38b11ab95862a831c6e6e60c03caf64eda599" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275162", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275162" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7836", "reference_id": "CVE-2014-7836", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7836" }, { "reference_url": "https://github.com/advisories/GHSA-wpq5-q3mj-8f3r", "reference_id": "GHSA-wpq5-q3mj-8f3r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wpq5-q3mj-8f3r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7836", "GHSA-wpq5-q3mj-8f3r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r56k-xmgn-wbh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16070?format=api", "vulnerability_id": "VCID-r9gn-v869-xbak", "summary": "Moodle allows attackers to bypass the mod/lti:view capability requirement\nmod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control at the course level rather than at the activity level, which allows remote authenticated users to bypass the mod/lti:view capability requirement by viewing an activity instance.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47921", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47921" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7832", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47677", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7832" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/263f78b8b804fe7dbcd6ffadcadad2c94a0093f7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/263f78b8b804fe7dbcd6ffadcadad2c94a0093f7" }, { "reference_url": "https://github.com/moodle/moodle/commit/8e34d8e85b971a01459797799c0696cfeaae9cc0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8e34d8e85b971a01459797799c0696cfeaae9cc0" }, { "reference_url": "https://github.com/moodle/moodle/commit/c844af2569e972195db8bca683c1fdf2ddbc3a59", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c844af2569e972195db8bca683c1fdf2ddbc3a59" }, { "reference_url": "https://github.com/moodle/moodle/commit/fe8430e0dc2a50ea8e03d709e95d1226631d0d52", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fe8430e0dc2a50ea8e03d709e95d1226631d0d52" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275154", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275154" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7832", "reference_id": "CVE-2014-7832", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7832" }, { "reference_url": "https://github.com/advisories/GHSA-mphj-h2fc-62x3", "reference_id": "GHSA-mphj-h2fc-62x3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mphj-h2fc-62x3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7832", "GHSA-mphj-h2fc-62x3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r9gn-v869-xbak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15979?format=api", "vulnerability_id": "VCID-rdvn-frh2-z3dv", "summary": "Improper Authentication\nlogin/token.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 creates a MoodleMobile web-service token with an infinite lifetime, which makes it easier for remote attackers to hijack sessions via a brute-force attack.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43119", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43119" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/05/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/05/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.6472", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0214" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/14c16a416373f68c36b65f4653c0bd076eb0b290", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/14c16a416373f68c36b65f4653c0bd076eb0b290" }, { "reference_url": "https://github.com/moodle/moodle/commit/437240b5aa7719f1b8cce1e0f45ac0708c72cc23", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/437240b5aa7719f1b8cce1e0f45ac0708c72cc23" }, { "reference_url": "https://github.com/moodle/moodle/commit/679e323aaab2a968b8e87862e1658814645db525", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/679e323aaab2a968b8e87862e1658814645db525" }, { "reference_url": "https://github.com/moodle/moodle/commit/b5b2eab6778bee166e20bc5eec0138d89795ac3d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b5b2eab6778bee166e20bc5eec0138d89795ac3d" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=260362", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=260362" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0214", "reference_id": "CVE-2014-0214", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0214" }, { "reference_url": "https://github.com/advisories/GHSA-48rq-vj58-2mh6", "reference_id": "GHSA-48rq-vj58-2mh6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-48rq-vj58-2mh6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61099?format=api", "purl": "pkg:composer/moodle/moodle@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.3" } ], "aliases": [ "CVE-2014-0214", "GHSA-48rq-vj58-2mh6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rdvn-frh2-z3dv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16138?format=api", "vulnerability_id": "VCID-rrbs-v8kx-b3d4", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nmod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISK_XSS bit for graders, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted gradebook feedback during manual quiz grading.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49941", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49941" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/05/18/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/05/18/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3174", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45343", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3174" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/10c2b92448873a8479942098a090e7c16b44438d", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/10c2b92448873a8479942098a090e7c16b44438d" }, { "reference_url": "https://github.com/moodle/moodle/commit/1ce4f44df7e793051211841b6a78ac77bd42fc99", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1ce4f44df7e793051211841b6a78ac77bd42fc99" }, { "reference_url": "https://github.com/moodle/moodle/commit/39ae18a2f90fcf392a711dd41f9aa7627f72a762", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/39ae18a2f90fcf392a711dd41f9aa7627f72a762" }, { "reference_url": "https://github.com/moodle/moodle/commit/e51fdfe0cbab19320f139773d83aacb1ad15eb46", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e51fdfe0cbab19320f139773d83aacb1ad15eb46" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=313681", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=313681" }, { "reference_url": "https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358" }, { "reference_url": "http://www.securityfocus.com/bid/74719https://web.archive.org/web/20200228054910/http://www.securityfocus.com/bid/74719", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/74719https://web.archive.org/web/20200228054910/http://www.securityfocus.com/bid/74719" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3174", "reference_id": "CVE-2015-3174", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3174" }, { "reference_url": "https://github.com/advisories/GHSA-6r7x-6q98-qcqp", "reference_id": "GHSA-6r7x-6q98-qcqp", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6r7x-6q98-qcqp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51495?format=api", "purl": "pkg:composer/moodle/moodle@2.6.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/61182?format=api", "purl": "pkg:composer/moodle/moodle@2.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61183?format=api", "purl": "pkg:composer/moodle/moodle@2.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.6" } ], "aliases": [ "CVE-2015-3174", "GHSA-6r7x-6q98-qcqp" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrbs-v8kx-b3d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16048?format=api", "vulnerability_id": "VCID-rxvq-rmc5-wkfd", "summary": "Moodle allows attackers to bypass file-management restrictions\nfiles/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not consider the moodle/user:manageownfiles capability before approving a private-file upload, which allows remote authenticated users to bypass intended file-management restrictions by using web services to perform uploads after this capability has been revoked.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49994", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49994" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/05/18/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/05/18/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3181", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.5592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3181" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/350397da93c557f577e7d62e7fc3e233792ad171", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/350397da93c557f577e7d62e7fc3e233792ad171" }, { "reference_url": "https://github.com/moodle/moodle/commit/4b6b64685affa66784fd238c1bbc1eb0651492a0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4b6b64685affa66784fd238c1bbc1eb0651492a0" }, { "reference_url": "https://github.com/moodle/moodle/commit/57d9a750e3da6708dba13513e9b05e84a895ad9f", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/57d9a750e3da6708dba13513e9b05e84a895ad9f" }, { "reference_url": "https://github.com/moodle/moodle/commit/8e8ee7530427a10e409386657484e9fd5effc438", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8e8ee7530427a10e409386657484e9fd5effc438" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=313688", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=313688" }, { "reference_url": "https://web.archive.org/web/20200228054133/http://www.securityfocus.com/bid/74728", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228054133/http://www.securityfocus.com/bid/74728" }, { "reference_url": "https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3181", "reference_id": "CVE-2015-3181", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3181" }, { "reference_url": "https://github.com/advisories/GHSA-622h-cjgg-5mx6", "reference_id": "GHSA-622h-cjgg-5mx6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-622h-cjgg-5mx6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51495?format=api", "purl": "pkg:composer/moodle/moodle@2.6.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/61182?format=api", "purl": "pkg:composer/moodle/moodle@2.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61183?format=api", "purl": "pkg:composer/moodle/moodle@2.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.6" } ], "aliases": [ "CVE-2015-3181", "GHSA-622h-cjgg-5mx6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rxvq-rmc5-wkfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/136432?format=api", "vulnerability_id": "VCID-s8ph-ghzm-q7c5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10187", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36039", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10187" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=388568#p1566330", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=388568#p1566330" }, { "reference_url": "http://www.securityfocus.com/bid/109174", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/109174" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10187", "reference_id": "CVE-2019-10187", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10187" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142887?format=api", "purl": "pkg:composer/moodle/moodle@3.5.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/142888?format=api", "purl": "pkg:composer/moodle/moodle@3.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/142889?format=api", "purl": "pkg:composer/moodle/moodle@3.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-5n6q-kt6b-zfbc" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8ct-r1tq-tfdr" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gu1a-396c-7bgp" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u5tg-a91q-ckf3" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1" } ], "aliases": [ "CVE-2019-10187", "GHSA-2mg9-hv69-897x" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s8ph-ghzm-q7c5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15946?format=api", "vulnerability_id": "VCID-sgpe-hbqw-4baq", "summary": "Moodle's time-validation implementation allows bypassing intended restrictions\nThe time-validation implementation in (1) mod/feedback/complete.php and (2) mod/feedback/complete_guest.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to bypass intended restrictions on starting a Feedback activity by choosing an unavailable time.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43656", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43656" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/03/17/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/03/17/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0127" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1298acc7075614d8f24befe7e50edbd695498d66", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1298acc7075614d8f24befe7e50edbd695498d66" }, { "reference_url": "https://github.com/moodle/moodle/commit/71037bf26c1e66c628f952b777a9b068775f7b24", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/71037bf26c1e66c628f952b777a9b068775f7b24" }, { "reference_url": "https://github.com/moodle/moodle/commit/7b839b0ec1d3d7fdfe7f76066c49829936a2390e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7b839b0ec1d3d7fdfe7f76066c49829936a2390e" }, { "reference_url": "https://github.com/moodle/moodle/commit/aea324963dfee857315d147bf0c17659bb43991e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/aea324963dfee857315d147bf0c17659bb43991e" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=256417", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=256417" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0127", "reference_id": "CVE-2014-0127", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0127" }, { "reference_url": "https://github.com/advisories/GHSA-6p3g-hw27-qh44", "reference_id": "GHSA-6p3g-hw27-qh44", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6p3g-hw27-qh44" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60945?format=api", "purl": "pkg:composer/moodle/moodle@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-awbx-r2ud-zbcr" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-d6zz-q4zg-dfcc" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-e57y-88wh-5bbm" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-md9r-mr42-1ydb" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-nkvn-u8eg-7ufn" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rdvn-frh2-z3dv" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2" } ], "aliases": [ "CVE-2014-0127", "GHSA-6p3g-hw27-qh44" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgpe-hbqw-4baq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15231?format=api", "vulnerability_id": "VCID-svds-tck8-rqce", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nThe redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03402", "scoring_system": "epss", "scoring_elements": "0.87625", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32478" }, { "reference_url": "https://github.com/moodle/moodle/commit/752ad3d8eb4f9ac22dbf1461aa69d6e0baee503e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/752ad3d8eb4f9ac22dbf1461aa69d6e0baee503e" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=422314", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=422314" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32478", "reference_id": "CVE-2021-32478", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32478" }, { "reference_url": "https://github.com/advisories/GHSA-78fm-qhh8-8858", "reference_id": "GHSA-78fm-qhh8-8858", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-78fm-qhh8-8858" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58604?format=api", "purl": "pkg:composer/moodle/moodle@3.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/59911?format=api", "purl": "pkg:composer/moodle/moodle@3.9.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-k253-m5ud-8bgc" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/59912?format=api", "purl": "pkg:composer/moodle/moodle@3.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-k253-m5ud-8bgc" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.4" } ], "aliases": [ "CVE-2021-32478", "GHSA-78fm-qhh8-8858" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-svds-tck8-rqce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16073?format=api", "vulnerability_id": "VCID-swty-7wga-zqbu", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in the quiz_question_tostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43690", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43690" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/03/17/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/03/17/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2571", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.4329", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2571" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/217d839ded7026ed1b1280e1c296bc80a4036023", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/217d839ded7026ed1b1280e1c296bc80a4036023" }, { "reference_url": "https://github.com/moodle/moodle/commit/5da73345fdd46cef912b229b2cfae2a26e36efd8", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5da73345fdd46cef912b229b2cfae2a26e36efd8" }, { "reference_url": "https://github.com/moodle/moodle/commit/7051f3a8828665f4fab37c8db91322fec85a64db", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7051f3a8828665f4fab37c8db91322fec85a64db" }, { "reference_url": "https://github.com/moodle/moodle/commit/fd4b7f57399bed85db0d4066ba12c2633ce87ba3", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fd4b7f57399bed85db0d4066ba12c2633ce87ba3" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=256416", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=256416" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2571", "reference_id": "CVE-2014-2571", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2571" }, { "reference_url": "https://github.com/advisories/GHSA-75c6-xqwr-v2r9", "reference_id": "GHSA-75c6-xqwr-v2r9", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-75c6-xqwr-v2r9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60945?format=api", "purl": "pkg:composer/moodle/moodle@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-awbx-r2ud-zbcr" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-d6zz-q4zg-dfcc" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-e57y-88wh-5bbm" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-md9r-mr42-1ydb" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-nkvn-u8eg-7ufn" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rdvn-frh2-z3dv" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2" } ], "aliases": [ "CVE-2014-2571", "GHSA-75c6-xqwr-v2r9" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swty-7wga-zqbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15912?format=api", "vulnerability_id": "VCID-t754-25wg-x3aw", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted course summary.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48368", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48368" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/01/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/01/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0212", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.4329", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0212" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/38ca8793b6faa6c35176537c8015cc4e76ce73f5", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/38ca8793b6faa6c35176537c8015cc4e76ce73f5" }, { "reference_url": "https://github.com/moodle/moodle/commit/7a15c996ebd90c776bae1a77573b95e8a43467b6", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7a15c996ebd90c776bae1a77573b95e8a43467b6" }, { "reference_url": "https://github.com/moodle/moodle/commit/82356399b97be933c4d72f9c55b797e49b8c8232", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/82356399b97be933c4d72f9c55b797e49b8c8232" }, { "reference_url": "https://github.com/moodle/moodle/commit/b270bb0d75d2354b7fbf4b8ccf0b995037973684", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b270bb0d75d2354b7fbf4b8ccf0b995037973684" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=278612", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=278612" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0212", "reference_id": "CVE-2015-0212", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0212" }, { "reference_url": "https://github.com/advisories/GHSA-jj3j-mhgc-g4m4", "reference_id": "GHSA-jj3j-mhgc-g4m4", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jj3j-mhgc-g4m4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61064?format=api", "purl": "pkg:composer/moodle/moodle@2.6.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/61065?format=api", "purl": "pkg:composer/moodle/moodle@2.7.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/61066?format=api", "purl": "pkg:composer/moodle/moodle@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2" } ], "aliases": [ "CVE-2015-0212", "GHSA-jj3j-mhgc-g4m4" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t754-25wg-x3aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16067?format=api", "vulnerability_id": "VCID-ta4z-pbfv-juey", "summary": "Moodle allows attackers to obtain username and course information\nMoodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce certain capability requirements in (1) notes/index.php and (2) user/edit.php, which allows remote attackers to obtain potentially sensitive username and course information via a modified URL.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45760", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45760" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51889", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3546" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2ca9e09dab3ff374e1026780b23c63751f4ee312", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2ca9e09dab3ff374e1026780b23c63751f4ee312" }, { "reference_url": "https://github.com/moodle/moodle/commit/74556525de9617c593c3e08269d6d541c6576c90", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/74556525de9617c593c3e08269d6d541c6576c90" }, { "reference_url": "https://github.com/moodle/moodle/commit/8f7d596058a18c60b795b4677b59cf074c56de39", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8f7d596058a18c60b795b4677b59cf074c56de39" }, { "reference_url": "https://github.com/moodle/moodle/commit/9dbf62d23017a91fcbf63bba7f2eb4835f77b8c9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/9dbf62d23017a91fcbf63bba7f2eb4835f77b8c9" }, { "reference_url": "https://github.com/moodle/moodle/commit/dc97145785b9ae192168659c65309bca61a58151", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dc97145785b9ae192168659c65309bca61a58151" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264267", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=264267" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3546", "reference_id": "CVE-2014-3546", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3546" }, { "reference_url": "https://github.com/advisories/GHSA-4c5g-w3gf-rf4f", "reference_id": "GHSA-4c5g-w3gf-rf4f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4c5g-w3gf-rf4f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60960?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/60961?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3546", "GHSA-4c5g-w3gf-rf4f" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ta4z-pbfv-juey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16139?format=api", "vulnerability_id": "VCID-tc3c-a1kr-6yfu", "summary": "Moodle does not enforce the moodle/site:accessallgroups capability requirement\nmod/forum/classes/post_form.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce the moodle/site:accessallgroups capability requirement before proceeding with a post to all groups, which allows remote authenticated users to bypass intended access restrictions by leveraging two or more group memberships.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38990", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38990" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3553", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3553" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/5c74e0daca748ffbbbf17a410abd8c85335b2116", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5c74e0daca748ffbbbf17a410abd8c85335b2116" }, { "reference_url": "https://github.com/moodle/moodle/commit/91c8d4da71a6706c70071f9182e8ae6110c86d70", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/91c8d4da71a6706c70071f9182e8ae6110c86d70" }, { "reference_url": "https://github.com/moodle/moodle/commit/e3fd900dcda7b603d7e0749008abd0d01290bbc3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e3fd900dcda7b603d7e0749008abd0d01290bbc3" }, { "reference_url": "https://github.com/moodle/moodle/commit/f2946a5419a94f19cb3490a249fe0bb50161f254", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f2946a5419a94f19cb3490a249fe0bb50161f254" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264268", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=264268" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3553", "reference_id": "CVE-2014-3553", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3553" }, { "reference_url": "https://github.com/advisories/GHSA-mg69-5q59-8jcg", "reference_id": "GHSA-mg69-5q59-8jcg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mg69-5q59-8jcg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60960?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/60961?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3553", "GHSA-mg69-5q59-8jcg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tc3c-a1kr-6yfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10851?format=api", "vulnerability_id": "VCID-tjb7-7hy5-63hg", "summary": "Information Exposure\nThe (1) `core_enrol_get_course_enrolment_methods` and (2) `enrol_self_get_instance_info` web services in Moodle do not consider the `moodle/course:viewhiddencourses` capability, which allows remote authenticated users to obtain sensitive information via a web-service request.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52072", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52072" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176502.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176502.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176436.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176436.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00578", "scoring_system": "epss", "scoring_elements": "0.6915", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0724" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/4323a973d57a41e19e039a850ad71ebcabae73c1", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4323a973d57a41e19e039a850ad71ebcabae73c1" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=326205", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=326205" }, { "reference_url": "https://web.archive.org/web/20210622172957/http://www.securitytracker.com/id/1034694", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210622172957/http://www.securitytracker.com/id/1034694" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/18/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/01/18/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0724", "reference_id": "CVE-2016-0724", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0724" }, { "reference_url": "https://github.com/advisories/GHSA-hjrj-7wcj-7j3c", "reference_id": "GHSA-hjrj-7wcj-7j3c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hjrj-7wcj-7j3c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94776?format=api", "purl": "pkg:composer/moodle/moodle@2.7.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/51498?format=api", "purl": "pkg:composer/moodle/moodle@2.7.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/51492?format=api", "purl": "pkg:composer/moodle/moodle@2.8.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/51493?format=api", "purl": "pkg:composer/moodle/moodle@2.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/51494?format=api", "purl": "pkg:composer/moodle/moodle@3.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.2" } ], "aliases": [ "CVE-2016-0724", "GHSA-hjrj-7wcj-7j3c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tjb7-7hy5-63hg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16243?format=api", "vulnerability_id": "VCID-uhjy-v896-euf7", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse capability to provide a searchcourse parameter.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47865", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47865" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7830", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43129", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7830" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/7bb6b84cfd308bad89dc0c3f95ad2fa55b7d25f8", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7bb6b84cfd308bad89dc0c3f95ad2fa55b7d25f8" }, { "reference_url": "https://github.com/moodle/moodle/commit/8bf49b7377438a7f259750e2f076c612c0a5d84e", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8bf49b7377438a7f259750e2f076c612c0a5d84e" }, { "reference_url": "https://github.com/moodle/moodle/commit/b7f75a9c05c65fb1d2f6391f5dd852f9e923a183", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b7f75a9c05c65fb1d2f6391f5dd852f9e923a183" }, { "reference_url": "https://github.com/moodle/moodle/commit/c6b6e5decee4c452b8667f82d7c64f137b687d7c", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c6b6e5decee4c452b8667f82d7c64f137b687d7c" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275147", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275147" }, { "reference_url": "https://web.archive.org/web/20200228175348/http://www.securityfocus.com/bid/71119", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228175348/http://www.securityfocus.com/bid/71119" }, { "reference_url": "http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7830", "reference_id": "CVE-2014-7830", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7830" }, { "reference_url": "https://github.com/advisories/GHSA-j4mr-vc54-h5pc", "reference_id": "GHSA-j4mr-vc54-h5pc", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j4mr-vc54-h5pc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7830", "GHSA-j4mr-vc54-h5pc" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uhjy-v896-euf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15884?format=api", "vulnerability_id": "VCID-us3v-wjsz-syf8", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nlib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide charset information in HTTP headers, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 characters during interaction with AJAX scripts.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47966", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47966" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.5532", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9059" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0a0145c5e8041aadeff303a9f9984c86706b4e42", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0a0145c5e8041aadeff303a9f9984c86706b4e42" }, { "reference_url": "https://github.com/moodle/moodle/commit/293e4bbcb71f0a801c2539ea051c58688314b23a", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/293e4bbcb71f0a801c2539ea051c58688314b23a" }, { "reference_url": "https://github.com/moodle/moodle/commit/3c98b7a5ad1bb596a738e550fc3bf966d6415fe0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3c98b7a5ad1bb596a738e550fc3bf966d6415fe0" }, { "reference_url": "https://github.com/moodle/moodle/commit/ac6e453d11024bf6ad99ada1bfc641c6b91ebed6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ac6e453d11024bf6ad99ada1bfc641c6b91ebed6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275146", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275146" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://web.archive.org/web/20200229043651/http://www.securityfocus.com/bid/71133", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200229043651/http://www.securityfocus.com/bid/71133" }, { "reference_url": "http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9059", "reference_id": "CVE-2014-9059", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9059" }, { "reference_url": "https://github.com/advisories/GHSA-crcq-pw8h-9xwf", "reference_id": "GHSA-crcq-pw8h-9xwf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-crcq-pw8h-9xwf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-9059", "GHSA-crcq-pw8h-9xwf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-us3v-wjsz-syf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16189?format=api", "vulnerability_id": "VCID-vgwc-xgc8-pqgs", "summary": "Moodle allows discovery of an author's username\nThe forum_print_latest_discussions function in mod/forum/lib.php in Moodle through 2.4.11, 2.5.x before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2 allows remote authenticated users to bypass the individual answer-posting requirement without the mod/forum:viewqandawithoutposting capability, and discover an author's username, by leveraging the student role and visiting a Q&A forum.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46619", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46619" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/09/15/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/09/15/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38876", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3617" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1c5d2aefd1c6706176e97b99b2f9deef582564be", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1c5d2aefd1c6706176e97b99b2f9deef582564be" }, { "reference_url": "https://github.com/moodle/moodle/commit/1f3066f1977cf9ba36bb2583597af8bc53eb7d0f", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1f3066f1977cf9ba36bb2583597af8bc53eb7d0f" }, { "reference_url": "https://github.com/moodle/moodle/commit/532c25d5bd6d0f2ad14720fcee0da8c879c4d0f2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/532c25d5bd6d0f2ad14720fcee0da8c879c4d0f2" }, { "reference_url": "https://github.com/moodle/moodle/commit/8f2e80600bf0fc220b92706907fb3d683602e5c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8f2e80600bf0fc220b92706907fb3d683602e5c2" }, { "reference_url": "https://github.com/moodle/moodle/commit/95c3874b717e19711780147c29285e56ca01ff79", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/95c3874b717e19711780147c29285e56ca01ff79" }, { "reference_url": "https://github.com/moodle/moodle/commit/982c8524dd27066a6893a4b2ff2c41d60f9bdc23", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/982c8524dd27066a6893a4b2ff2c41d60f9bdc23" }, { "reference_url": "https://github.com/moodle/moodle/commit/a80ed84ed37d24e564b0bb7b8d51c4206b1fcd54", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a80ed84ed37d24e564b0bb7b8d51c4206b1fcd54" }, { "reference_url": "https://github.com/moodle/moodle/commit/b1325427ecefb23002d3c79a7222e98f3995c0fb", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b1325427ecefb23002d3c79a7222e98f3995c0fb" }, { "reference_url": "https://github.com/moodle/moodle/commit/b2b8d932f11c089b59b6c5ce439487ae3e5d79aa", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b2b8d932f11c089b59b6c5ce439487ae3e5d79aa" }, { "reference_url": "https://github.com/moodle/moodle/commit/ebbff905629fbd87a6a81cc471964e995fba3eb0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ebbff905629fbd87a6a81cc471964e995fba3eb0" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=269591", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=269591" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3617", "reference_id": "CVE-2014-3617", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3617" }, { "reference_url": "https://github.com/advisories/GHSA-p5j7-26wj-423j", "reference_id": "GHSA-p5j7-26wj-423j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p5j7-26wj-423j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61372?format=api", "purl": "pkg:composer/moodle/moodle@2.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/61373?format=api", "purl": "pkg:composer/moodle/moodle@2.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.2" } ], "aliases": [ "CVE-2014-3617", "GHSA-p5j7-26wj-423j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgwc-xgc8-pqgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183080?format=api", "vulnerability_id": "VCID-vgwe-53vc-m7gn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65983", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40694" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043421", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043421" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40694", "reference_id": "CVE-2021-40694", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40694" }, { "reference_url": "https://github.com/advisories/GHSA-m37g-mwcg-7j7v", "reference_id": "GHSA-m37g-mwcg-7j7v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m37g-mwcg-7j7v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58594?format=api", "purl": "pkg:composer/moodle/moodle@3.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/58596?format=api", "purl": "pkg:composer/moodle/moodle@3.10.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/58598?format=api", "purl": "pkg:composer/moodle/moodle@3.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fxx8-f2pp-27du" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wmaz-p29k-kuh8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.3" } ], "aliases": [ "CVE-2021-40694", "GHSA-m37g-mwcg-7j7v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgwe-53vc-m7gn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15954?format=api", "vulnerability_id": "VCID-w24z-fm43-nyh3", "summary": "Moodle does not consider the moodle/tag:edit capability before adding a tag\ntag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47965", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47965" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/11/17/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/11/17/11" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7846", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47677", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7846" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1d9e0857f8bd9f21d25886f77cc13120f9d6be08", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1d9e0857f8bd9f21d25886f77cc13120f9d6be08" }, { "reference_url": "https://github.com/moodle/moodle/commit/932694ca59413ce8a0546b8bfb97e07e3b4cf17b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/932694ca59413ce8a0546b8bfb97e07e3b4cf17b" }, { "reference_url": "https://github.com/moodle/moodle/commit/bb69623c5c0754467f01f916f94446e1caddb6a8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/bb69623c5c0754467f01f916f94446e1caddb6a8" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=275157", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=275157" }, { "reference_url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7846", "reference_id": "CVE-2014-7846", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7846" }, { "reference_url": "https://github.com/advisories/GHSA-468q-9cmp-76wc", "reference_id": "GHSA-468q-9cmp-76wc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-468q-9cmp-76wc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60993?format=api", "purl": "pkg:composer/moodle/moodle@2.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/60994?format=api", "purl": "pkg:composer/moodle/moodle@2.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3" } ], "aliases": [ "CVE-2014-7846", "GHSA-468q-9cmp-76wc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w24z-fm43-nyh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16239?format=api", "vulnerability_id": "VCID-w668-dvjm-yfdh", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nlib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to obtain sensitive course-structure information by leveraging access to a student account with a suspended enrolment.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49788", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49788" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/05/18/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/05/18/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54104", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3180" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/032f18c4a50d472cddd2cb52a627d19b75921f16", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/032f18c4a50d472cddd2cb52a627d19b75921f16" }, { "reference_url": "https://github.com/moodle/moodle/commit/271477f593c4acbb84c620015fad19f08282629e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/271477f593c4acbb84c620015fad19f08282629e" }, { "reference_url": "https://github.com/moodle/moodle/commit/8b4568500b305f7ddedbca355b73ce34ea4afbc0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8b4568500b305f7ddedbca355b73ce34ea4afbc0" }, { "reference_url": "https://github.com/moodle/moodle/commit/b7d307e80761e1c5b310958223640055d23b83f6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b7d307e80761e1c5b310958223640055d23b83f6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=313687", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=313687" }, { "reference_url": "https://web.archive.org/web/20200228054132/http://www.securityfocus.com/bid/74729", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228054132/http://www.securityfocus.com/bid/74729" }, { "reference_url": "https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3180", "reference_id": "CVE-2015-3180", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3180" }, { "reference_url": "https://github.com/advisories/GHSA-688p-pgj4-77hh", "reference_id": "GHSA-688p-pgj4-77hh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-688p-pgj4-77hh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51495?format=api", "purl": "pkg:composer/moodle/moodle@2.6.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/61182?format=api", "purl": "pkg:composer/moodle/moodle@2.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61183?format=api", "purl": "pkg:composer/moodle/moodle@2.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.6" } ], "aliases": [ "CVE-2015-3180", "GHSA-688p-pgj4-77hh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w668-dvjm-yfdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14369?format=api", "vulnerability_id": "VCID-wc31-v1d5-jydh", "summary": "Exposure of Resource to Wrong Sphere\nInsufficient capability checks made it possible to fetch other users' calendar action events.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36312", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43560" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021519", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021519" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=429100", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=429100" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43560", "reference_id": "CVE-2021-43560", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43560" }, { "reference_url": "https://github.com/advisories/GHSA-g39c-mccf-rxjv", "reference_id": "GHSA-g39c-mccf-rxjv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g39c-mccf-rxjv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58604?format=api", "purl": "pkg:composer/moodle/moodle@3.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/58599?format=api", "purl": "pkg:composer/moodle/moodle@3.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/58600?format=api", "purl": "pkg:composer/moodle/moodle@3.10.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/58601?format=api", "purl": "pkg:composer/moodle/moodle@3.11.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fxx8-f2pp-27du" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wmaz-p29k-kuh8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.4" } ], "aliases": [ "CVE-2021-43560", "GHSA-g39c-mccf-rxjv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wc31-v1d5-jydh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15937?format=api", "vulnerability_id": "VCID-wupr-23ux-ekdt", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey answer.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49940", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49940" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5336", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40347", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5336" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/12c232df76885effa5ebac08e3094d6db5aa9223", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/12c232df76885effa5ebac08e3094d6db5aa9223" }, { "reference_url": "https://github.com/moodle/moodle/commit/31d0bf81af079bc285ea439ac5160f9e45697c88", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/31d0bf81af079bc285ea439ac5160f9e45697c88" }, { "reference_url": "https://github.com/moodle/moodle/commit/48d8989f13a6320c54b05f7d3ea552356cf85ed6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/48d8989f13a6320c54b05f7d3ea552356cf85ed6" }, { "reference_url": "https://github.com/moodle/moodle/commit/86cec86942c1cfcb92b840afd18deed9b9a34951", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/86cec86942c1cfcb92b840afd18deed9b9a34951" }, { "reference_url": "https://github.com/moodle/moodle/commit/b4f4232e1cf76334e4b8dda9cf68962b121e6bc0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b4f4232e1cf76334e4b8dda9cf68962b121e6bc0" }, { "reference_url": "https://github.com/moodle/moodle/commit/f03ec4ce85b3d361429d9f66dbbb478a353640c9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f03ec4ce85b3d361429d9f66dbbb478a353640c9" }, { "reference_url": "https://github.com/moodle/moodle/commit/fd14d2902fab15fa6affecc427bb11d3869d9afe", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fd14d2902fab15fa6affecc427bb11d3869d9afe" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=323231", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=323231" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5336", "reference_id": "CVE-2015-5336", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5336" }, { "reference_url": "https://github.com/advisories/GHSA-grvw-qq2j-r898", "reference_id": "GHSA-grvw-qq2j-r898", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-grvw-qq2j-r898" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51497?format=api", "purl": "pkg:composer/moodle/moodle@2.7.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51487?format=api", "purl": "pkg:composer/moodle/moodle@2.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/51489?format=api", "purl": "pkg:composer/moodle/moodle@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.3" } ], "aliases": [ "CVE-2015-5336", "GHSA-grvw-qq2j-r898" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wupr-23ux-ekdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/157258?format=api", "vulnerability_id": "VCID-x3gw-ztjq-ebbu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36564", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1692" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1692", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1692" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1692", "reference_id": "CVE-2020-1692", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1692" }, { "reference_url": "https://github.com/advisories/GHSA-9328-7pcw-vw69", "reference_id": "GHSA-9328-7pcw-vw69", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9328-7pcw-vw69" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/76250?format=api", "purl": "pkg:composer/moodle/moodle@3.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8ct-r1tq-tfdr" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gu1a-396c-7bgp" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u5tg-a91q-ckf3" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.2" } ], "aliases": [ "CVE-2020-1692", "GHSA-9328-7pcw-vw69" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x3gw-ztjq-ebbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16058?format=api", "vulnerability_id": "VCID-x6wb-t9d3-juc9", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nmod/lti/ajax.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 does not consider the moodle/course:manageactivities and mod/lti:addinstance capabilities before proceeding with registered-tool list searches, which allows remote authenticated users to obtain sensitive information via requests to the LTI Ajax service.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47920", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47920" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/01/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/01/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0211", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41855", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0211" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/52555c36989b6704550ed0b3c6e832f5e7e150b7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/52555c36989b6704550ed0b3c6e832f5e7e150b7" }, { "reference_url": "https://github.com/moodle/moodle/commit/da4c33f510aabc0d7443c29a7c097cfd54b6c4a4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/da4c33f510aabc0d7443c29a7c097cfd54b6c4a4" }, { "reference_url": "https://github.com/moodle/moodle/commit/faf0cd9098517cd6274219b58f6f4a278d26455d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/faf0cd9098517cd6274219b58f6f4a278d26455d" }, { "reference_url": "https://github.com/moodle/moodle/commit/fc6619d5c0bb297e6736880ff5353bb668048002", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fc6619d5c0bb297e6736880ff5353bb668048002" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=278611", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=278611" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0211", "reference_id": "CVE-2015-0211", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0211" }, { "reference_url": "https://github.com/advisories/GHSA-frhc-9hwc-x7j3", "reference_id": "GHSA-frhc-9hwc-x7j3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-frhc-9hwc-x7j3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61064?format=api", "purl": "pkg:composer/moodle/moodle@2.6.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/61065?format=api", "purl": "pkg:composer/moodle/moodle@2.7.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/61066?format=api", "purl": "pkg:composer/moodle/moodle@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2" } ], "aliases": [ "CVE-2015-0211", "GHSA-frhc-9hwc-x7j3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6wb-t9d3-juc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16252?format=api", "vulnerability_id": "VCID-xhq4-wwhs-8ybk", "summary": "Moodle allows attackers to bypass intended login restrictions\nlogin/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50090", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50090" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/05/18/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/05/18/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.5592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3179" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/78ec6751fc57bb17bb67c26870fea396390b9937", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/78ec6751fc57bb17bb67c26870fea396390b9937" }, { "reference_url": "https://github.com/moodle/moodle/commit/811ae9f082697495248c6c87ec80aeaf88c851fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/811ae9f082697495248c6c87ec80aeaf88c851fc" }, { "reference_url": "https://github.com/moodle/moodle/commit/98c38993fd6cbd78bf5819c68c55fcfded6467c0", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/98c38993fd6cbd78bf5819c68c55fcfded6467c0" }, { "reference_url": "https://github.com/moodle/moodle/commit/f236dcc35c3595dfcc77932d84660056e982a310", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f236dcc35c3595dfcc77932d84660056e982a310" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=313686", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=313686" }, { "reference_url": "https://web.archive.org/web/20200228054915/http://www.securityfocus.com/bid/74725", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228054915/http://www.securityfocus.com/bid/74725" }, { "reference_url": "https://web.archive.org/web/20200501000000*/http://www.securitytracker.com/id/1032358", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200501000000*/http://www.securitytracker.com/id/1032358" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3179", "reference_id": "CVE-2015-3179", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3179" }, { "reference_url": "https://github.com/advisories/GHSA-4ppg-2mx6-fqx9", "reference_id": "GHSA-4ppg-2mx6-fqx9", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4ppg-2mx6-fqx9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51495?format=api", "purl": "pkg:composer/moodle/moodle@2.6.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/61182?format=api", "purl": "pkg:composer/moodle/moodle@2.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61183?format=api", "purl": "pkg:composer/moodle/moodle@2.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.6" } ], "aliases": [ "CVE-2015-3179", "GHSA-4ppg-2mx6-fqx9" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xhq4-wwhs-8ybk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13467?format=api", "vulnerability_id": "VCID-xktx-amv6-gbh2", "summary": "URL Redirection to Untrusted Site (Open Redirect)\nLinks within assignment submission comments would open directly (in the same window). Although links themselves may be valid, opening within the same window and without the no-referrer header policy made them more susceptible to exploits.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3850", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2204", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3850" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3850", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3850" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1fc481dd7b09e08e85824c1fe6733b303a36bdce", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1fc481dd7b09e08e85824c1fe6733b303a36bdce" }, { "reference_url": "https://github.com/moodle/moodle/commit/772c908d40a944efd91d897d524b255626d330d4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/772c908d40a944efd91d897d524b255626d330d4" }, { "reference_url": "https://github.com/moodle/moodle/commit/907b377e51c32ea37feef53e10684b504e103273", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/907b377e51c32ea37feef53e10684b504e103273" }, { "reference_url": "https://github.com/moodle/moodle/commit/d3f2f990dd3c5d4e6073a77154c6423d1c304647", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d3f2f990dd3c5d4e6073a77154c6423d1c304647" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=384013#p1547745", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=384013#p1547745" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3850", "reference_id": "CVE-2019-3850", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3850" }, { "reference_url": "https://github.com/advisories/GHSA-3fj7-9j8m-7r8g", "reference_id": "GHSA-3fj7-9j8m-7r8g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3fj7-9j8m-7r8g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56665?format=api", "purl": "pkg:composer/moodle/moodle@3.1.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/56661?format=api", "purl": "pkg:composer/moodle/moodle@3.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/56659?format=api", "purl": "pkg:composer/moodle/moodle@3.5.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/56660?format=api", "purl": "pkg:composer/moodle/moodle@3.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3" } ], "aliases": [ "CVE-2019-3850", "GHSA-3fj7-9j8m-7r8g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xktx-amv6-gbh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16093?format=api", "vulnerability_id": "VCID-xmxy-88ec-cqdd", "summary": "Moodle allows attackers to bypass intended access restrictions\nThe choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allows remote authenticated users to bypass intended access restrictions by visiting a URL to add or delete responses in the closed state.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51569", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51569" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5342", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39193", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5342" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/02d8c8ca394ba053905f9b87c155042aabf0ce1b", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/02d8c8ca394ba053905f9b87c155042aabf0ce1b" }, { "reference_url": "https://github.com/moodle/moodle/commit/09bb6f19e5814deb25ae6ceb8270063430b8941f", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/09bb6f19e5814deb25ae6ceb8270063430b8941f" }, { "reference_url": "https://github.com/moodle/moodle/commit/5c16db4fc561c97b6a907398ea081cdaf6590214", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5c16db4fc561c97b6a907398ea081cdaf6590214" }, { "reference_url": "https://github.com/moodle/moodle/commit/6283c33979001b035f9fc565b869296f66a61c4e", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/6283c33979001b035f9fc565b869296f66a61c4e" }, { "reference_url": "https://github.com/moodle/moodle/commit/7ca8c34045eb0d2031652b452492fe4abb2c7c8a", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7ca8c34045eb0d2031652b452492fe4abb2c7c8a" }, { "reference_url": "https://github.com/moodle/moodle/commit/97394274ee29f0a6eecab330b5bbb8ee335e7ece", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/97394274ee29f0a6eecab330b5bbb8ee335e7ece" }, { "reference_url": "https://github.com/moodle/moodle/commit/bdaa571437c6357f322871b068f02a4520b7a23d", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/bdaa571437c6357f322871b068f02a4520b7a23d" }, { "reference_url": "https://github.com/moodle/moodle/commit/fb2491effb1a7d5d7abb0efba5b3929342990514", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fb2491effb1a7d5d7abb0efba5b3929342990514" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=323237", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=323237" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5342", "reference_id": "CVE-2015-5342", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5342" }, { "reference_url": "https://github.com/advisories/GHSA-6xpm-q8x9-j3rw", "reference_id": "GHSA-6xpm-q8x9-j3rw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6xpm-q8x9-j3rw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51497?format=api", "purl": "pkg:composer/moodle/moodle@2.7.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51487?format=api", "purl": "pkg:composer/moodle/moodle@2.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/51489?format=api", "purl": "pkg:composer/moodle/moodle@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.3" } ], "aliases": [ "CVE-2015-5342", "GHSA-6xpm-q8x9-j3rw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xmxy-88ec-cqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16255?format=api", "vulnerability_id": "VCID-xr6v-k8hr-1qhp", "summary": "Moodle allows attackers to modify the visibility of a badge\nbadges/mybadges.php in Moodle 2.5.x before 2.5.5 and 2.6.x before 2.6.2 does not properly track the user to whom a badge was issued, which allows remote authenticated users to modify the visibility of an arbitrary badge via unspecified vectors.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44140", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44140" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/03/17/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/03/17/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41053", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0129" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/100ec861820ce763d4f25a9f98649bb1ae17e7a5", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/100ec861820ce763d4f25a9f98649bb1ae17e7a5" }, { "reference_url": "https://github.com/moodle/moodle/commit/28c8ac2c4a8d831f0efd653fa499a5d2384e6e88", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/28c8ac2c4a8d831f0efd653fa499a5d2384e6e88" }, { "reference_url": "https://github.com/moodle/moodle/commit/c5d7d20f40a71e23d951c7272675a19fef170fbe", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c5d7d20f40a71e23d951c7272675a19fef170fbe" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=256424", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=256424" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0129", "reference_id": "CVE-2014-0129", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0129" }, { "reference_url": "https://github.com/advisories/GHSA-5rr5-fxhc-jv64", "reference_id": "GHSA-5rr5-fxhc-jv64", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5rr5-fxhc-jv64" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60945?format=api", "purl": "pkg:composer/moodle/moodle@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2p3q-vvfc-tkc5" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3je3-s51r-d7ck" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-963u-un81-k3b2" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-awbx-r2ud-zbcr" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cnuq-ryj8-gud2" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d58t-ca96-xyez" }, { "vulnerability": "VCID-d6zz-q4zg-dfcc" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-e57y-88wh-5bbm" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kxfu-3yzg-pqdt" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-md9r-mr42-1ydb" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-nkvn-u8eg-7ufn" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q36b-zyxf-k3cz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rdvn-frh2-z3dv" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-ta4z-pbfv-juey" }, { "vulnerability": "VCID-tc3c-a1kr-6yfu" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xt6b-xs9e-t7a9" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2" } ], "aliases": [ "CVE-2014-0129", "GHSA-5rr5-fxhc-jv64" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xr6v-k8hr-1qhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16277?format=api", "vulnerability_id": "VCID-xt6b-xs9e-t7a9", "summary": "Improper Control of Generation of Code ('Code Injection')\nMoodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to execute arbitrary code via a calculated question in a quiz.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46148", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46148" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01284", "scoring_system": "epss", "scoring_elements": "0.79928", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3545" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/blob/1474f74687dda57c7d011b92d16f25b9870d2799/question/type/calculated/question.php#L426", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/blob/1474f74687dda57c7d011b92d16f25b9870d2799/question/type/calculated/question.php#L426" }, { "reference_url": "https://github.com/moodle/moodle/commit/155bc7547227dc2047cfc8630cbfe121888b359b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/155bc7547227dc2047cfc8630cbfe121888b359b" }, { "reference_url": "https://github.com/moodle/moodle/commit/29005a5418894b76e62e44bbc2c9e4ddee8f5ce6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/29005a5418894b76e62e44bbc2c9e4ddee8f5ce6" }, { "reference_url": "https://github.com/moodle/moodle/commit/44f726a7b1d351b39bb2a6a30c1b30027fabd000", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/44f726a7b1d351b39bb2a6a30c1b30027fabd000" }, { "reference_url": "https://github.com/moodle/moodle/commit/539a25ff03fae377758d62caefcc71a2418e9a84", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/539a25ff03fae377758d62caefcc71a2418e9a84" }, { "reference_url": "https://github.com/moodle/moodle/commit/5c6c172033e3fb4afce862f8b32b459f5c35ad19", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5c6c172033e3fb4afce862f8b32b459f5c35ad19" }, { "reference_url": "https://github.com/moodle/moodle/commit/66de66fe6a8ce8f491562edad0a14f26d4808cb4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/66de66fe6a8ce8f491562edad0a14f26d4808cb4" }, { "reference_url": "https://github.com/moodle/moodle/commit/770d3ce42669067eca2bcee22d142ed7fec08550", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/770d3ce42669067eca2bcee22d142ed7fec08550" }, { "reference_url": "https://github.com/moodle/moodle/commit/82b3260eab2db58dfa9510645fd2c60ee0ce142e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/82b3260eab2db58dfa9510645fd2c60ee0ce142e" }, { "reference_url": "https://github.com/moodle/moodle/commit/88ec9f308da6a4bc7a735458cdf72648357d501d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/88ec9f308da6a4bc7a735458cdf72648357d501d" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264266", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=264266" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3545", "reference_id": "CVE-2014-3545", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3545" }, { "reference_url": "https://github.com/advisories/GHSA-3m99-h3hp-w9j7", "reference_id": "GHSA-3m99-h3hp-w9j7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3m99-h3hp-w9j7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60960?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/60961?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2uvy-712n-x3hp" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-35zs-xvs1-dke3" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6vaw-uvtq-tbfs" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-7q3q-jd77-1yd3" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a3q6-k8cq-sbaw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ey36-w13k-8fb9" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-g3u8-3spk-x3fx" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-gtup-bdtk-tbdu" }, { "vulnerability": "VCID-h6xh-h89y-pbey" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-knb4-t5gz-ekh1" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-m7k1-7r22-ffds" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-n915-tsbu-k3e6" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-p5fy-mtan-ykgy" }, { "vulnerability": "VCID-q7s7-97ex-7kbj" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-r56k-xmgn-wbh5" }, { "vulnerability": "VCID-r9gn-v869-xbak" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t754-25wg-x3aw" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-uhjy-v896-euf7" }, { "vulnerability": "VCID-us3v-wjsz-syf8" }, { "vulnerability": "VCID-vgwc-xgc8-pqgs" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w24z-fm43-nyh3" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-x6wb-t9d3-juc9" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4mw-xneh-qfap" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3545", "GHSA-3m99-h3hp-w9j7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xt6b-xs9e-t7a9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/136433?format=api", "vulnerability_id": "VCID-y219-hufv-tkds", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36039", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10188" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=388569", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=388569" }, { "reference_url": "http://www.securityfocus.com/bid/109178", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/109178" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10188", "reference_id": "CVE-2019-10188", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10188" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142887?format=api", "purl": "pkg:composer/moodle/moodle@3.5.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-1wmh-jwh7-2fcw" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-8xgp-3nds-d7dm" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-c5dg-exke-hfg6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-gxc1-npsq-b7ed" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-j8n5-7feg-8bbp" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-t5d1-h6c9-6kex" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/142888?format=api", "purl": "pkg:composer/moodle/moodle@3.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/142889?format=api", "purl": "pkg:composer/moodle/moodle@3.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1694-95s2-63a9" }, { "vulnerability": "VCID-17vy-726y-u7fz" }, { "vulnerability": "VCID-19gu-j1d4-4uab" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-5n6q-kt6b-zfbc" }, { "vulnerability": "VCID-68h6-fzmy-qqce" }, { "vulnerability": "VCID-73mw-h65y-fqg6" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8ct-r1tq-tfdr" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-f1na-71hq-w7c3" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fnen-jbsf-3kax" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gu1a-396c-7bgp" }, { "vulnerability": "VCID-gx6x-ebpv-k7er" }, { "vulnerability": "VCID-hbss-w1t3-sya7" }, { "vulnerability": "VCID-ktfp-pk4e-2fa7" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u5tg-a91q-ckf3" }, { "vulnerability": "VCID-urh4-9kzr-93c3" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wk9h-bhj5-zua8" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y1m2-7ua9-47fm" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1" } ], "aliases": [ "CVE-2019-10188", "GHSA-92q5-2h76-vgmj" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y219-hufv-tkds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10939?format=api", "vulnerability_id": "VCID-y3ug-2byz-cfet", "summary": "Improper Access Control\nThe `save_submission` function in `mod/assign/externallib.php` in Moodle allows remote authenticated users to bypass intended due-date restrictions by leveraging the student role for a web-service request.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52901", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52901" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.4341", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2159" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0766509ab02353008af62f953f7ebc0f6210411a", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0766509ab02353008af62f953f7ebc0f6210411a" }, { "reference_url": "https://github.com/moodle/moodle/commit/3c069c16db62d0e0a64137578e92c22d604dd261", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3c069c16db62d0e0a64137578e92c22d604dd261" }, { "reference_url": "https://github.com/moodle/moodle/commit/711f9468d4e2792afe0f2025ac98c52ee3e4ee71", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/711f9468d4e2792afe0f2025ac98c52ee3e4ee71" }, { "reference_url": "https://github.com/moodle/moodle/commit/dc8421575f35585a7a4fc1c9710dafd1d0483d4e", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dc8421575f35585a7a4fc1c9710dafd1d0483d4e" }, { "reference_url": "https://github.com/moodle/moodle/commit/ea8987644fdbbee291337263598b0c3c7bf27c36", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ea8987644fdbbee291337263598b0c3c7bf27c36" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=330182", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=330182" }, { "reference_url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2159", "reference_id": "CVE-2016-2159", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2159" }, { "reference_url": "https://github.com/advisories/GHSA-cw72-69wq-f9f2", "reference_id": "GHSA-cw72-69wq-f9f2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cw72-69wq-f9f2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94776?format=api", "purl": "pkg:composer/moodle/moodle@2.7.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/51641?format=api", "purl": "pkg:composer/moodle/moodle@2.7.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/51642?format=api", "purl": "pkg:composer/moodle/moodle@2.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51643?format=api", "purl": "pkg:composer/moodle/moodle@2.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/51644?format=api", "purl": "pkg:composer/moodle/moodle@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3" } ], "aliases": [ "CVE-2016-2159", "GHSA-cw72-69wq-f9f2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y3ug-2byz-cfet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12082?format=api", "vulnerability_id": "VCID-y8j3-pw73-c3he", "summary": "Information Exposure\nIn Moodle, the quiz web services allow students to see quiz results when it is prohibited in the settings.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1044", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.39985", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1044" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=364383", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=364383" }, { "reference_url": "http://www.securityfocus.com/bid/102754", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/102754" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1044", "reference_id": "CVE-2018-1044", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1044" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53853?format=api", "purl": "pkg:composer/moodle/moodle@3.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/53854?format=api", "purl": "pkg:composer/moodle/moodle@3.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/53855?format=api", "purl": "pkg:composer/moodle/moodle@3.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-useh-xm73-zub8" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-vx5n-esff-fqew" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yq9c-xav3-e3bv" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/53865?format=api", "purl": "pkg:composer/moodle/moodle@3.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-useh-xm73-zub8" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-vx5n-esff-fqew" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-yq9c-xav3-e3bv" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1" } ], "aliases": [ "CVE-2018-1044", "GHSA-332g-xh34-5c96" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y8j3-pw73-c3he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15973?format=api", "vulnerability_id": "VCID-yex8-nh7u-akca", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nlib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 relies on the PHP mt_rand function to implement the random_string and complex_random_string functions, which makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50860", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50860" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.61024", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5267" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/289bc7f9e3022918b4cfd2cc9851472f0cea2896", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/289bc7f9e3022918b4cfd2cc9851472f0cea2896" }, { "reference_url": "https://github.com/moodle/moodle/commit/5337b2295237958c93b6c65fa595859aaa7bf257", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5337b2295237958c93b6c65fa595859aaa7bf257" }, { "reference_url": "https://github.com/moodle/moodle/commit/6e8224365ffcdf328458ea7852dc62574e806119", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/6e8224365ffcdf328458ea7852dc62574e806119" }, { "reference_url": "https://github.com/moodle/moodle/commit/e4ac3879c2d1f8fe66caa74ff1544248bccef61e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e4ac3879c2d1f8fe66caa74ff1544248bccef61e" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=320291", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=320291" }, { "reference_url": "https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/09/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/09/21/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5267", "reference_id": "CVE-2015-5267", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5267" }, { "reference_url": "https://github.com/advisories/GHSA-382v-gxj9-ffhc", "reference_id": "GHSA-382v-gxj9-ffhc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-382v-gxj9-ffhc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61185?format=api", "purl": "pkg:composer/moodle/moodle@2.7.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/61186?format=api", "purl": "pkg:composer/moodle/moodle@2.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61187?format=api", "purl": "pkg:composer/moodle/moodle@2.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xk8g-cmjz-6qeu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.2" } ], "aliases": [ "CVE-2015-5267", "GHSA-382v-gxj9-ffhc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yex8-nh7u-akca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15641?format=api", "vulnerability_id": "VCID-yyb2-961k-qyet", "summary": "Improper Authentication\nInsufficient capability checks could allow users with the `moodle/site:uploadusers` capability to delete users, without having the necessary `moodle/user:delete` capability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0985", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.39987", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0985" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064117", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064117" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/addd4f894d8173ec8ff0ae2212d51a1977e7bcad", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/addd4f894d8173ec8ff0ae2212d51a1977e7bcad" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0985", "reference_id": "CVE-2022-0985", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0985" }, { "reference_url": "https://github.com/advisories/GHSA-6q9g-3vfq-q2qj", "reference_id": "GHSA-6q9g-3vfq-q2qj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6q9g-3vfq-q2qj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60058?format=api", "purl": "pkg:composer/moodle/moodle@3.9.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/60059?format=api", "purl": "pkg:composer/moodle/moodle@3.10.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/60060?format=api", "purl": "pkg:composer/moodle/moodle@3.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-wmaz-p29k-kuh8" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.6" } ], "aliases": [ "CVE-2022-0985", "GHSA-6q9g-3vfq-q2qj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yyb2-961k-qyet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16018?format=api", "vulnerability_id": "VCID-z2sf-4zbe-17e4", "summary": "Moodle allows attackers to obtain sensitive course information\nlib/moodlelib.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4, when the theme uses the blocks-regions feature, establishes the course state at an incorrect point in the login-validation process, which allows remote attackers to obtain sensitive course information via unspecified vectors.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48804", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48804" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/03/16/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/03/16/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51889", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2270" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1edd3d6fbfcc7ac757579a7953f03e3401c0c32d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1edd3d6fbfcc7ac757579a7953f03e3401c0c32d" }, { "reference_url": "https://github.com/moodle/moodle/commit/4ab4ec652cb7768a058eca7f69362e76d9ee0c62", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4ab4ec652cb7768a058eca7f69362e76d9ee0c62" }, { "reference_url": "https://github.com/moodle/moodle/commit/5f0bfb120f4a769518a77eff06fedc67c6040494", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5f0bfb120f4a769518a77eff06fedc67c6040494" }, { "reference_url": "https://github.com/moodle/moodle/commit/cd060b5fe2b5d90ff87d3b345e5f802ef143f883", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/cd060b5fe2b5d90ff87d3b345e5f802ef143f883" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=307384", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=307384" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2270", "reference_id": "CVE-2015-2270", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2270" }, { "reference_url": "https://github.com/advisories/GHSA-fp4h-j22r-vwcv", "reference_id": "GHSA-fp4h-j22r-vwcv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fp4h-j22r-vwcv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61020?format=api", "purl": "pkg:composer/moodle/moodle@2.6.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/61021?format=api", "purl": "pkg:composer/moodle/moodle@2.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/61022?format=api", "purl": "pkg:composer/moodle/moodle@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.4" } ], "aliases": [ "CVE-2015-2270", "GHSA-fp4h-j22r-vwcv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2sf-4zbe-17e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16094?format=api", "vulnerability_id": "VCID-z4mw-xneh-qfap", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\ncalendar/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to obtain sensitive calendar-event information via a web-services request.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48017", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48017" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/01/19/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/01/19/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0215", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39814", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0215" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90" }, { "reference_url": "https://github.com/moodle/moodle/commit/76aea854f6877cc5accb288bc6ac60bc55d30788", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/76aea854f6877cc5accb288bc6ac60bc55d30788" }, { "reference_url": "https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6" }, { "reference_url": "https://github.com/moodle/moodle/commit/e83c756f84e16ab70e160e08deb84e9bc4bfbfea", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e83c756f84e16ab70e160e08deb84e9bc4bfbfea" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=278615", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=278615" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0215", "reference_id": "CVE-2015-0215", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0215" }, { "reference_url": "https://github.com/advisories/GHSA-fr9m-pjmm-qx9f", "reference_id": "GHSA-fr9m-pjmm-qx9f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fr9m-pjmm-qx9f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61064?format=api", "purl": "pkg:composer/moodle/moodle@2.6.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/61065?format=api", "purl": "pkg:composer/moodle/moodle@2.7.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/61066?format=api", "purl": "pkg:composer/moodle/moodle@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-1sz2-61r8-eugj" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-2mvc-d6w1-eqdw" }, { "vulnerability": "VCID-2vj9-tagd-yug8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6m2e-gzpg-97cr" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-qrgw-76u1-kfbt" }, { "vulnerability": "VCID-qugr-tdyt-zfd7" }, { "vulnerability": "VCID-qzb9-n64b-eqat" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z2sf-4zbe-17e4" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zd1t-7gd2-ubef" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2" } ], "aliases": [ "CVE-2015-0215", "GHSA-fr9m-pjmm-qx9f" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z4mw-xneh-qfap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16006?format=api", "vulnerability_id": "VCID-z4pf-uwf6-8bga", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nThe rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 mishandles group-based authorization checks, which allows remote authenticated users to obtain sensitive information by reading a rating value.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5268", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51686", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5268" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/20ff15e22b4f0abebe1ab5fbfd1d681c88765e2a", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/20ff15e22b4f0abebe1ab5fbfd1d681c88765e2a" }, { "reference_url": "https://github.com/moodle/moodle/commit/4015226623111438158fa762b7ce61f6cf677665", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4015226623111438158fa762b7ce61f6cf677665" }, { "reference_url": "https://github.com/moodle/moodle/commit/731c2712e746053b1ca06b50118632305b447e02", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/731c2712e746053b1ca06b50118632305b447e02" }, { "reference_url": "https://github.com/moodle/moodle/commit/fa57105063129eed83bf09d83348681501ff5b64", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fa57105063129eed83bf09d83348681501ff5b64" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=320292", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=320292" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/09/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/09/21/1" }, { "reference_url": "http://www.securitytracker.com/id/1033619", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1033619" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5268", "reference_id": "CVE-2015-5268", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5268" }, { "reference_url": "https://github.com/advisories/GHSA-h34c-px28-rjgw", "reference_id": "GHSA-h34c-px28-rjgw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h34c-px28-rjgw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61185?format=api", "purl": "pkg:composer/moodle/moodle@2.7.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/61186?format=api", "purl": "pkg:composer/moodle/moodle@2.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/61187?format=api", "purl": "pkg:composer/moodle/moodle@2.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xk8g-cmjz-6qeu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.2" } ], "aliases": [ "CVE-2015-5268", "GHSA-h34c-px28-rjgw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z4pf-uwf6-8bga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15965?format=api", "vulnerability_id": "VCID-zd1t-7gd2-ubef", "summary": "Moodle does not consider the moodle/tag:flag capability\ntag/user.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 does not consider the moodle/tag:flag capability before proceeding with a flaginappropriate action, which allows remote authenticated users to bypass intended access restrictions via the \"Flag as inappropriate\" feature.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49084", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49084" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/03/16/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2015/03/16/1" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2271", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.42963", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2271" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1a344ea46f4bdedf6b8c87ae9a419e0617e1ac27", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1a344ea46f4bdedf6b8c87ae9a419e0617e1ac27" }, { "reference_url": "https://github.com/moodle/moodle/commit/64e2179478849ec09c3537716e70ae8a1684b58b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/64e2179478849ec09c3537716e70ae8a1684b58b" }, { "reference_url": "https://github.com/moodle/moodle/commit/8b4e370840dad1ec4ca6c7cef8a4d6b78e0458b7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8b4e370840dad1ec4ca6c7cef8a4d6b78e0458b7" }, { "reference_url": "https://github.com/moodle/moodle/commit/b771b31e20cbf3d39aab877c648cf387e77173ba", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b771b31e20cbf3d39aab877c648cf387e77173ba" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=307385", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=307385" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2271", "reference_id": "CVE-2015-2271", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2271" }, { "reference_url": "https://github.com/advisories/GHSA-v3wp-35g3-m9mm", "reference_id": "GHSA-v3wp-35g3-m9mm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v3wp-35g3-m9mm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61020?format=api", "purl": "pkg:composer/moodle/moodle@2.6.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/61021?format=api", "purl": "pkg:composer/moodle/moodle@2.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/61022?format=api", "purl": "pkg:composer/moodle/moodle@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1nd2-ew9g-tfek" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-3skc-qkcm-2qad" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5cjq-4538-7yd3" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-76zz-4ggs-1uf9" }, { "vulnerability": "VCID-8js1-ggz6-9fch" }, { "vulnerability": "VCID-8vks-asjk-hqd7" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-avvu-9xcf-93ft" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dpjj-kasd-gugv" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-jtp2-ug5q-g3b5" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mnvd-crhn-fyc3" }, { "vulnerability": "VCID-n2sv-d47m-rkar" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nc76-hv9c-zubq" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-rrbs-v8kx-b3d4" }, { "vulnerability": "VCID-rxvq-rmc5-wkfd" }, { "vulnerability": "VCID-s7en-nsgq-sbdc" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-tjb7-7hy5-63hg" }, { "vulnerability": "VCID-tnrm-xzpk-cudr" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-w668-dvjm-yfdh" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xhq4-wwhs-8ybk" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-xumu-2emh-13fk" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y3ug-2byz-cfet" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-ywt2-6fzz-huct" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zmzh-rxks-rye3" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.4" } ], "aliases": [ "CVE-2015-2271", "GHSA-v3wp-35g3-m9mm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zd1t-7gd2-ubef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10938?format=api", "vulnerability_id": "VCID-zmzh-rxks-rye3", "summary": "Cross-site Scripting\nCross-site scripting (XSS) vulnerability in the `advanced-search` feature in `mod_data` in Moodle allows remote attackers to inject arbitrary web script or HTML via a crafted field in a URL.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52727", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52727" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44992", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2153" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/87e60e529939c60ef5b07d70c37426d359b2e8a2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/87e60e529939c60ef5b07d70c37426d359b2e8a2" }, { "reference_url": "https://github.com/moodle/moodle/commit/8f95eac1634b4d84053cef52a03065e620d6adf2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8f95eac1634b4d84053cef52a03065e620d6adf2" }, { "reference_url": "https://github.com/moodle/moodle/commit/a5fae3b0d21cc85a7ea2d2c2af8c7fc9acf2fd92", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a5fae3b0d21cc85a7ea2d2c2af8c7fc9acf2fd92" }, { "reference_url": "https://github.com/moodle/moodle/commit/de60fc23aeeef5631d5718469124af3257383ead", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/de60fc23aeeef5631d5718469124af3257383ead" }, { "reference_url": "https://github.com/moodle/moodle/commit/ead2dd9c161fcfde04ee1fa602e9101a47c53503", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ead2dd9c161fcfde04ee1fa602e9101a47c53503" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=330175", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=330175" }, { "reference_url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2153", "reference_id": "CVE-2016-2153", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2153" }, { "reference_url": "https://github.com/advisories/GHSA-mj85-3hqq-r6r9", "reference_id": "GHSA-mj85-3hqq-r6r9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mj85-3hqq-r6r9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94776?format=api", "purl": "pkg:composer/moodle/moodle@2.7.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-5k7a-c53n-akbt" }, { "vulnerability": "VCID-6j1h-d82g-6qg7" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-95ha-th5r-xycw" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-bar7-ac9c-y3ca" }, { "vulnerability": "VCID-c4kh-k9n2-17a1" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kh3d-k28s-7ua5" }, { "vulnerability": "VCID-km7q-tdk1-efh5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mgk6-79z4-u3g5" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-nhpx-rrw3-ekhq" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-wupr-23ux-ekdt" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-xmxy-88ec-cqdd" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yex8-nh7u-akca" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-z4pf-uwf6-8bga" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/51641?format=api", "purl": "pkg:composer/moodle/moodle@2.7.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/51642?format=api", "purl": "pkg:composer/moodle/moodle@2.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/51643?format=api", "purl": "pkg:composer/moodle/moodle@2.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/51644?format=api", "purl": "pkg:composer/moodle/moodle@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-am73-3uvc-r3bf" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fgw6-c8p8-u7hw" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-he6b-b249-bber" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qhtk-vc1y-ffdz" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-sctb-y9xc-87c1" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-ua62-ymzq-4ff4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zqkc-uq6f-6yc3" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3" } ], "aliases": [ "CVE-2016-2153", "GHSA-mj85-3hqq-r6r9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zmzh-rxks-rye3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15232?format=api", "vulnerability_id": "VCID-zn3y-sq7h-83h9", "summary": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')\nAn SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site administrator access or access to the keypair. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00847", "scoring_system": "epss", "scoring_elements": "0.75155", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32474" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=422308", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=422308" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32474", "reference_id": "CVE-2021-32474", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32474" }, { "reference_url": "https://github.com/advisories/GHSA-rvmc-8gmg-ggqr", "reference_id": "GHSA-rvmc-8gmg-ggqr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rvmc-8gmg-ggqr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59910?format=api", "purl": "pkg:composer/moodle/moodle@3.5.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/58604?format=api", "purl": "pkg:composer/moodle/moodle@3.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/59911?format=api", "purl": "pkg:composer/moodle/moodle@3.9.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-5hq2-2rn1-73g7" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-86zg-df5e-33gn" }, { "vulnerability": "VCID-8vb6-115w-hyfc" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr63-89au-4be2" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-eweg-zt1g-uyak" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-k253-m5ud-8bgc" }, { "vulnerability": "VCID-m21y-dkas-wyc8" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-pxvb-vwj1-ukc3" }, { "vulnerability": "VCID-qkfp-k2g6-dba1" }, { "vulnerability": "VCID-sxen-ree9-kbfr" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/59912?format=api", "purl": "pkg:composer/moodle/moodle@3.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2znf-gepe-hbed" }, { "vulnerability": "VCID-4c27-utgj-47e9" }, { "vulnerability": "VCID-634y-94qn-huhz" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ex6v-wa1m-j7f6" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-gcfy-vcgn-5uc7" }, { "vulnerability": "VCID-k253-m5ud-8bgc" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-ph9y-fgs2-byez" }, { "vulnerability": "VCID-t8r2-hgvx-rqf9" }, { "vulnerability": "VCID-tv3r-7qy8-cqg4" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-xga2-af6c-jkd1" }, { "vulnerability": "VCID-ydbx-2sup-b7cy" }, { "vulnerability": "VCID-yyb2-961k-qyet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.4" } ], "aliases": [ "CVE-2021-32474", "GHSA-rvmc-8gmg-ggqr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zn3y-sq7h-83h9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11250?format=api", "vulnerability_id": "VCID-zqkc-uq6f-6yc3", "summary": "Weak Password Recovery Mechanism for Forgotten Password\nIn Moodle, web service tokens are not invalidated when the user password is changed or forced to be changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7038", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47679", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7038" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=339631", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=339631" }, { "reference_url": "http://www.securityfocus.com/bid/93174", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/93174" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7038", "reference_id": "CVE-2016-7038", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7038" }, { "reference_url": "https://github.com/advisories/GHSA-2phx-w35g-x9vm", "reference_id": "GHSA-2phx-w35g-x9vm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2phx-w35g-x9vm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52159?format=api", "purl": "pkg:composer/moodle/moodle@2.7.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/98015?format=api", "purl": "pkg:composer/moodle/moodle@2.9.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/52160?format=api", "purl": "pkg:composer/moodle/moodle@2.9.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/52161?format=api", "purl": "pkg:composer/moodle/moodle@3.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/51930?format=api", "purl": "pkg:composer/moodle/moodle@3.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-44x7-sn7m-4kga" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-7gra-fj8d-byej" }, { "vulnerability": "VCID-937t-wbcy-qfbz" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ewcg-abf2-5uff" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hgng-uw56-pudk" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-mzy3-yscv-9kc4" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" }, { "vulnerability": "VCID-zyg8-e1k7-jqd2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.2" } ], "aliases": [ "CVE-2016-7038", "GHSA-2phx-w35g-x9vm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqkc-uq6f-6yc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11254?format=api", "vulnerability_id": "VCID-zyg8-e1k7-jqd2", "summary": "Improper Input Validation\nThere is incorrect sanitization of attributes in forums.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52564", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2576" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=345912", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=345912" }, { "reference_url": "http://www.securityfocus.com/bid/95649", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/95649" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2576", "reference_id": "CVE-2017-2576", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2576" }, { "reference_url": "https://github.com/advisories/GHSA-cjrf-xg77-chpw", "reference_id": "GHSA-cjrf-xg77-chpw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cjrf-xg77-chpw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52173?format=api", "purl": "pkg:composer/moodle/moodle@2.7.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/98015?format=api", "purl": "pkg:composer/moodle/moodle@2.9.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/98018?format=api", "purl": "pkg:composer/moodle/moodle@3.0.0-beta", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-aazg-a3fs-nub3" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.0-beta" }, { "url": "http://public2.vulnerablecode.io/api/packages/52174?format=api", "purl": "pkg:composer/moodle/moodle@3.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-cr7f-vvmv-aqfr" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/52166?format=api", "purl": "pkg:composer/moodle/moodle@3.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2avg-qvn9-bkdn" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-44x7-sn7m-4kga" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-6xjm-4pjx-xuh7" }, { "vulnerability": "VCID-7gra-fj8d-byej" }, { "vulnerability": "VCID-937t-wbcy-qfbz" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d17g-sacy-nkfw" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-ehpf-6ra7-syfy" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ewcg-abf2-5uff" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-gtpy-dhmm-mufn" }, { "vulnerability": "VCID-hurp-xp2w-wbcp" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-nbpz-vdd1-w3ae" }, { "vulnerability": "VCID-qfmd-5exc-c3f3" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-u843-6ku8-6bh7" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x2e5-m5rs-7qfr" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-xktx-amv6-gbh2" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/52167?format=api", "purl": "pkg:composer/moodle/moodle@3.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hht-sfqa-wkan" }, { "vulnerability": "VCID-2et6-3ejg-27b8" }, { "vulnerability": "VCID-3gup-tvzm-z7dt" }, { "vulnerability": "VCID-3r3j-bqzm-5ufz" }, { "vulnerability": "VCID-44x7-sn7m-4kga" }, { "vulnerability": "VCID-4nnu-qu33-27gx" }, { "vulnerability": "VCID-4s7h-83dq-aua7" }, { "vulnerability": "VCID-4t6w-wvj2-ffek" }, { "vulnerability": "VCID-6x4n-my8x-sbfg" }, { "vulnerability": "VCID-7gra-fj8d-byej" }, { "vulnerability": "VCID-937t-wbcy-qfbz" }, { "vulnerability": "VCID-a7n4-f1nk-vqec" }, { "vulnerability": "VCID-a8sa-7ed7-wbby" }, { "vulnerability": "VCID-ahbw-7fj3-eugs" }, { "vulnerability": "VCID-ajnx-w4at-7fgp" }, { "vulnerability": "VCID-b3hr-pfv8-uqf6" }, { "vulnerability": "VCID-beap-cjmv-s7he" }, { "vulnerability": "VCID-cf2z-a3h4-jkhf" }, { "vulnerability": "VCID-d2au-r7m3-cyc8" }, { "vulnerability": "VCID-d9xk-d7zc-rbeq" }, { "vulnerability": "VCID-dhu5-3tda-2qfx" }, { "vulnerability": "VCID-dxn4-ry85-43dp" }, { "vulnerability": "VCID-e52k-bb2k-tbgh" }, { "vulnerability": "VCID-eb8w-rqef-sqca" }, { "vulnerability": "VCID-eq8q-vrca-xbdb" }, { "vulnerability": "VCID-ewcg-abf2-5uff" }, { "vulnerability": "VCID-exk5-1mmz-7kep" }, { "vulnerability": "VCID-ez7x-sprg-effa" }, { "vulnerability": "VCID-fj1x-be1c-h3c4" }, { "vulnerability": "VCID-fvkk-381y-1kcb" }, { "vulnerability": "VCID-fx3x-sc7h-guhb" }, { "vulnerability": "VCID-gt8k-6dg8-qqa8" }, { "vulnerability": "VCID-j7ab-5rkp-yyeh" }, { "vulnerability": "VCID-jrf4-ua1a-cfcr" }, { "vulnerability": "VCID-k249-a5wk-2fcs" }, { "vulnerability": "VCID-k72d-w9wa-m7b5" }, { "vulnerability": "VCID-kys8-9mu7-w7dn" }, { "vulnerability": "VCID-mkuq-tdbg-t3ce" }, { "vulnerability": "VCID-qf7h-3hbp-5bbb" }, { "vulnerability": "VCID-qnn9-5vhh-nkd8" }, { "vulnerability": "VCID-s8ph-ghzm-q7c5" }, { "vulnerability": "VCID-svds-tck8-rqce" }, { "vulnerability": "VCID-vgwe-53vc-m7gn" }, { "vulnerability": "VCID-wc31-v1d5-jydh" }, { "vulnerability": "VCID-x3gw-ztjq-ebbu" }, { "vulnerability": "VCID-xatq-q64s-gugm" }, { "vulnerability": "VCID-y219-hufv-tkds" }, { "vulnerability": "VCID-y8j3-pw73-c3he" }, { "vulnerability": "VCID-ypxn-wgkc-nfcm" }, { "vulnerability": "VCID-yyb2-961k-qyet" }, { "vulnerability": "VCID-zn3y-sq7h-83h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.1" } ], "aliases": [ "CVE-2017-2576", "GHSA-cjrf-xg77-chpw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zyg8-e1k7-jqd2" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.0" }