Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/moodle/moodle@2.5.5
Typecomposer
Namespacemoodle
Namemoodle
Version2.5.5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.5.17
Latest_non_vulnerable_version5.1.2
Affected_by_vulnerabilities
0
url VCID-2s6b-tp6p-gue1
vulnerability_id VCID-2s6b-tp6p-gue1
summary 
Cross-Site Request Forgery (CSRF)
A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10186
reference_id
reference_type
scores
0
value 0.00371
scoring_system epss
scoring_elements 0.59199
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10186
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b
4
reference_url https://moodle.org/mod/forum/discuss.php?d=388567#p1566329
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388567#p1566329
5
reference_url https://web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10186
reference_id CVE-2019-10186
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10186
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10186, GHSA-wv9c-pfpm-4wc5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2s6b-tp6p-gue1
1
url VCID-37pj-u3gh-n7fd
vulnerability_id VCID-37pj-u3gh-n7fd
summary 
Insertion of Sensitive Information into Log File
Moodle does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52651
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52651
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2190
reference_id
reference_type
scores
0
value 0.00437
scoring_system epss
scoring_elements 0.63393
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2190
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/1688564a6eee6000013f6e185f704049283ae375
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/1688564a6eee6000013f6e185f704049283ae375
4
reference_url https://github.com/moodle/moodle/commit/190757854d9ce3b3ce3100dc76de54277f3bdd14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/190757854d9ce3b3ce3100dc76de54277f3bdd14
5
reference_url https://github.com/moodle/moodle/commit/314d105c169c67e3ce750f76b21d99983d4a9ff5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/314d105c169c67e3ce750f76b21d99983d4a9ff5
6
reference_url https://github.com/moodle/moodle/commit/4d6f159f681882496e05ddacf2561929d2d23f0e
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4d6f159f681882496e05ddacf2561929d2d23f0e
7
reference_url https://github.com/moodle/moodle/commit/9f91c23536a31ba2dc91b0ba2ae726b1757a20cb
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/9f91c23536a31ba2dc91b0ba2ae726b1757a20cb
8
reference_url https://moodle.org/mod/forum/discuss.php?d=330181
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=330181
9
reference_url https://web.archive.org/web/20210801130148/http://www.securitytracker.com/id/1035333
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210801130148/http://www.securitytracker.com/id/1035333
10
reference_url http://www.openwall.com/lists/oss-security/2016/03/21/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/21/1
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2190
reference_id CVE-2016-2190
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2190
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.0-beta
purl pkg:composer/moodle/moodle@2.7.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-r6kn-b963-eqge
18
vulnerability VCID-s6uu-335k-yfbc
19
vulnerability VCID-vb67-yux5-ayhf
20
vulnerability VCID-vfp6-4h8n-bkax
21
vulnerability VCID-w9ca-exua-g7ar
22
vulnerability VCID-x7rg-rsb5-pya7
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-yghg-775s-vber
25
vulnerability VCID-zjrq-np3y-hua5
26
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta
1
url pkg:composer/moodle/moodle@2.7.13
purl pkg:composer/moodle/moodle@2.7.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fsex-f512-pudv
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-k1bh-ymgt-e7cd
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-vtq4-fpr8-hudb
29
vulnerability VCID-w9ca-exua-g7ar
30
vulnerability VCID-x7rg-rsb5-pya7
31
vulnerability VCID-y8up-cqtu-jkdw
32
vulnerability VCID-yghg-775s-vber
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13
2
url pkg:composer/moodle/moodle@2.8.11
purl pkg:composer/moodle/moodle@2.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11
3
url pkg:composer/moodle/moodle@2.9.5
purl pkg:composer/moodle/moodle@2.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5
4
url pkg:composer/moodle/moodle@3.0.3
purl pkg:composer/moodle/moodle@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fsex-f512-pudv
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k1bh-ymgt-e7cd
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-kgvw-uxf4-wbc1
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s3ue-e5h8-f3dy
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vb67-yux5-ayhf
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-vtq4-fpr8-hudb
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-zgzm-wj81-jkah
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3
aliases CVE-2016-2190, GHSA-r9pc-g29w-f86j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-37pj-u3gh-n7fd
2
url VCID-65y9-9ur2-pugc
vulnerability_id VCID-65y9-9ur2-pugc
summary 
Improper Input Validation
There is incorrect sanitization of attributes in forums.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2576
reference_id
reference_type
scores
0
value 0.00289
scoring_system epss
scoring_elements 0.5258
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2576
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=345912
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=345912
3
reference_url http://www.securityfocus.com/bid/95649
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/95649
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2576
reference_id CVE-2017-2576
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2576
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.18
purl pkg:composer/moodle/moodle@2.7.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-dhku-uah4-ykh8
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-jcq6-btgz-fkf6
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-r6kn-b963-eqge
18
vulnerability VCID-s6uu-335k-yfbc
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-vtq4-fpr8-hudb
21
vulnerability VCID-w9ca-exua-g7ar
22
vulnerability VCID-x7rg-rsb5-pya7
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-yghg-775s-vber
25
vulnerability VCID-zjrq-np3y-hua5
26
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.18
1
url pkg:composer/moodle/moodle@2.9.0-beta
purl pkg:composer/moodle/moodle@2.9.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k1bh-ymgt-e7cd
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta
2
url pkg:composer/moodle/moodle@3.0.0-beta
purl pkg:composer/moodle/moodle@3.0.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k1bh-ymgt-e7cd
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.0-beta
3
url pkg:composer/moodle/moodle@3.0.8
purl pkg:composer/moodle/moodle@3.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-9nd7-4wve-97hc
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-dhku-uah4-ykh8
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k73h-z6j8-gkgz
13
vulnerability VCID-m3np-aebb-8qaa
14
vulnerability VCID-m4zv-e3dn-budf
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-qhv1-wgpm-7fh6
18
vulnerability VCID-r6kn-b963-eqge
19
vulnerability VCID-s6uu-335k-yfbc
20
vulnerability VCID-vfp6-4h8n-bkax
21
vulnerability VCID-vtq4-fpr8-hudb
22
vulnerability VCID-w9ca-exua-g7ar
23
vulnerability VCID-x7rg-rsb5-pya7
24
vulnerability VCID-y8up-cqtu-jkdw
25
vulnerability VCID-yghg-775s-vber
26
vulnerability VCID-zgzm-wj81-jkah
27
vulnerability VCID-zjrq-np3y-hua5
28
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.8
4
url pkg:composer/moodle/moodle@3.1.4
purl pkg:composer/moodle/moodle@3.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-336n-hpzg-euhd
3
vulnerability VCID-4rz2-b4e3-87g5
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8mgr-gdzj-4ybs
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-9t4u-n1pn-w3bd
9
vulnerability VCID-a6pb-47tu-afcg
10
vulnerability VCID-ajkr-fxa1-mkhk
11
vulnerability VCID-b7br-bh2d-rygp
12
vulnerability VCID-bjnq-q2nd-1khp
13
vulnerability VCID-ckg1-9vpt-yfdk
14
vulnerability VCID-deur-8zdf-2kh2
15
vulnerability VCID-dhku-uah4-ykh8
16
vulnerability VCID-duna-st9c-mqbk
17
vulnerability VCID-eu27-a3px-87ed
18
vulnerability VCID-fegs-ubsk-63hu
19
vulnerability VCID-g8ct-c4ce-zuaf
20
vulnerability VCID-jcq6-btgz-fkf6
21
vulnerability VCID-jn5n-6hg9-tyf7
22
vulnerability VCID-k73h-z6j8-gkgz
23
vulnerability VCID-m3np-aebb-8qaa
24
vulnerability VCID-m4zv-e3dn-budf
25
vulnerability VCID-mkfz-e1ft-2bcw
26
vulnerability VCID-nntc-dsz1-e3fp
27
vulnerability VCID-p2gd-7uam-mqf8
28
vulnerability VCID-q2fa-jymp-c3bb
29
vulnerability VCID-qhv1-wgpm-7fh6
30
vulnerability VCID-qxsq-ku22-r7gx
31
vulnerability VCID-r6kn-b963-eqge
32
vulnerability VCID-s6uu-335k-yfbc
33
vulnerability VCID-vfp6-4h8n-bkax
34
vulnerability VCID-vtq4-fpr8-hudb
35
vulnerability VCID-w9ca-exua-g7ar
36
vulnerability VCID-x7rg-rsb5-pya7
37
vulnerability VCID-x927-nh46-7fdy
38
vulnerability VCID-y8up-cqtu-jkdw
39
vulnerability VCID-yghg-775s-vber
40
vulnerability VCID-yp82-zj5g-pbaf
41
vulnerability VCID-zgzm-wj81-jkah
42
vulnerability VCID-zjrq-np3y-hua5
43
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.4
5
url pkg:composer/moodle/moodle@3.2.1
purl pkg:composer/moodle/moodle@3.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2qjr-wjh1-8fh6
2
vulnerability VCID-2s6b-tp6p-gue1
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-b7br-bh2d-rygp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fegs-ubsk-63hu
14
vulnerability VCID-g8ct-c4ce-zuaf
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-jn5n-6hg9-tyf7
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nc2j-pay7-ryab
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-p2gd-7uam-mqf8
23
vulnerability VCID-q2fa-jymp-c3bb
24
vulnerability VCID-qhv1-wgpm-7fh6
25
vulnerability VCID-vtq4-fpr8-hudb
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x927-nh46-7fdy
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-yp82-zj5g-pbaf
32
vulnerability VCID-zgzm-wj81-jkah
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.1
aliases CVE-2017-2576, GHSA-cjrf-xg77-chpw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-65y9-9ur2-pugc
3
url VCID-83kb-4mk9-t7ge
vulnerability_id VCID-83kb-4mk9-t7ge
summary 
Information Exposure
Students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15110
reference_id
reference_type
scores
0
value 0.00237
scoring_system epss
scoring_elements 0.46726
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15110
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=361784
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=361784
3
reference_url http://www.securityfocus.com/bid/101909
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/101909
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-15110
reference_id CVE-2017-15110
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-15110
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.0-beta
purl pkg:composer/moodle/moodle@3.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-duna-st9c-mqbk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k1bh-ymgt-e7cd
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-r6kn-b963-eqge
12
vulnerability VCID-s6uu-335k-yfbc
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-yghg-775s-vber
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta
1
url pkg:composer/moodle/moodle@3.1.9
purl pkg:composer/moodle/moodle@3.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-b7br-bh2d-rygp
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-deur-8zdf-2kh2
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fegs-ubsk-63hu
14
vulnerability VCID-g8ct-c4ce-zuaf
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-p2gd-7uam-mqf8
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-qxsq-ku22-r7gx
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.9
2
url pkg:composer/moodle/moodle@3.2.6
purl pkg:composer/moodle/moodle@3.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-b7br-bh2d-rygp
4
vulnerability VCID-ckg1-9vpt-yfdk
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-fegs-ubsk-63hu
8
vulnerability VCID-g8ct-c4ce-zuaf
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nc2j-pay7-ryab
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-p2gd-7uam-mqf8
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.6
3
url pkg:composer/moodle/moodle@3.3.3
purl pkg:composer/moodle/moodle@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-fygy-9njn-abgd
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-m4zv-e3dn-budf
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-mmg3-7fz9-5uak
18
vulnerability VCID-nc2j-pay7-ryab
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-w9ca-exua-g7ar
24
vulnerability VCID-x7rg-rsb5-pya7
25
vulnerability VCID-x9vd-njdz-jua9
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.3
aliases CVE-2017-15110, GHSA-rjh8-w8jg-xwq5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-83kb-4mk9-t7ge
4
url VCID-a6pb-47tu-afcg
vulnerability_id VCID-a6pb-47tu-afcg
summary 
Information Exposure
Moodle is vulnerable to information exposure of service tokens for users enrolled in the same course.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1692
reference_id
reference_type
scores
0
value 0.00159
scoring_system epss
scoring_elements 0.36547
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1692
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1692
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1692
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1692
reference_id CVE-2020-1692
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1692
fixed_packages
0
url pkg:composer/moodle/moodle@3.7.2
purl pkg:composer/moodle/moodle@3.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-c14d-1sa2-rkf6
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-fskk-cb95-uqer
8
vulnerability VCID-hhzz-hbqz-akfw
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-jcsq-3q5z-4kc6
11
vulnerability VCID-kgva-z9gg-u3dw
12
vulnerability VCID-n5tc-1k33-dfeq
13
vulnerability VCID-paj4-nq1r-jbd3
14
vulnerability VCID-w2b2-fuky-j3ff
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.2
aliases CVE-2020-1692, GHSA-9328-7pcw-vw69
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a6pb-47tu-afcg
5
url VCID-ajkr-fxa1-mkhk
vulnerability_id VCID-ajkr-fxa1-mkhk
summary 
Cross-site Scripting
Moodle is vulnerable to XSS via a calendar event name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1045
reference_id
reference_type
scores
0
value 0.00237
scoring_system epss
scoring_elements 0.46987
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1045
1
reference_url https://moodle.org/mod/forum/discuss.php?d=364384
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=364384
2
reference_url https://web.archive.org/web/20210124134120/http://www.securityfocus.com/bid/102755
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124134120/http://www.securityfocus.com/bid/102755
3
reference_url http://www.securityfocus.com/bid/102755
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102755
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1045
reference_id CVE-2018-1045
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1045
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.10
purl pkg:composer/moodle/moodle@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-p2gd-7uam-mqf8
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qxsq-ku22-r7gx
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10
1
url pkg:composer/moodle/moodle@3.2.7
purl pkg:composer/moodle/moodle@3.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-m4zv-e3dn-budf
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-p2gd-7uam-mqf8
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7
2
url pkg:composer/moodle/moodle@3.3.4
purl pkg:composer/moodle/moodle@3.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-fygy-9njn-abgd
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-mmg3-7fz9-5uak
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-x9vd-njdz-jua9
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4
aliases CVE-2018-1045, GHSA-595j-wpfg-23w4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajkr-fxa1-mkhk
6
url VCID-an53-nu91-k3d7
vulnerability_id VCID-an53-nu91-k3d7
summary 
Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in `auth/db/auth.php` in Moodle allow remote attackers to inject arbitrary web script or HTML via an external DB profile field.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50705
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50705
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2152
reference_id
reference_type
scores
0
value 0.00223
scoring_system epss
scoring_elements 0.44992
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2152
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/3b214760fb51ae2b0c85bbb2b272b9bc7c164657
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3b214760fb51ae2b0c85bbb2b272b9bc7c164657
4
reference_url https://github.com/moodle/moodle/commit/4db8407d3eaba17a8d3f81957b8e93e9f2554055
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4db8407d3eaba17a8d3f81957b8e93e9f2554055
5
reference_url https://github.com/moodle/moodle/commit/4ee7394c8bfa95a63428385b542c2066cd2d8ea1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4ee7394c8bfa95a63428385b542c2066cd2d8ea1
6
reference_url https://github.com/moodle/moodle/commit/54d6ee8c0874d72705ffa4c7c17d7c90bc16c897
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/54d6ee8c0874d72705ffa4c7c17d7c90bc16c897
7
reference_url https://github.com/moodle/moodle/commit/61da84e4148aa1de83a6389eb77abf3bbf09a349
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/61da84e4148aa1de83a6389eb77abf3bbf09a349
8
reference_url https://github.com/moodle/moodle/commit/82d0c0b5218e9ceb35a4e24b4a4e1e2e9cfc840c
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/82d0c0b5218e9ceb35a4e24b4a4e1e2e9cfc840c
9
reference_url https://github.com/moodle/moodle/commit/ce597604763272396e5cb8ec93859a8568020b8b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ce597604763272396e5cb8ec93859a8568020b8b
10
reference_url https://github.com/moodle/moodle/commit/d9d8e9c3fe92c5f25e319a38fe5617088965ad20
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/d9d8e9c3fe92c5f25e319a38fe5617088965ad20
11
reference_url https://github.com/moodle/moodle/commit/f4fcb1c4f76488d4571d3d265efce3813676c45d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/f4fcb1c4f76488d4571d3d265efce3813676c45d
12
reference_url https://moodle.org/mod/forum/discuss.php?d=330174
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=330174
13
reference_url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
14
reference_url http://www.openwall.com/lists/oss-security/2016/03/21/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/21/1
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2152
reference_id CVE-2016-2152
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2152
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.0-beta
purl pkg:composer/moodle/moodle@2.7.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-r6kn-b963-eqge
18
vulnerability VCID-s6uu-335k-yfbc
19
vulnerability VCID-vb67-yux5-ayhf
20
vulnerability VCID-vfp6-4h8n-bkax
21
vulnerability VCID-w9ca-exua-g7ar
22
vulnerability VCID-x7rg-rsb5-pya7
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-yghg-775s-vber
25
vulnerability VCID-zjrq-np3y-hua5
26
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta
1
url pkg:composer/moodle/moodle@2.7.13
purl pkg:composer/moodle/moodle@2.7.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fsex-f512-pudv
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-k1bh-ymgt-e7cd
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-vtq4-fpr8-hudb
29
vulnerability VCID-w9ca-exua-g7ar
30
vulnerability VCID-x7rg-rsb5-pya7
31
vulnerability VCID-y8up-cqtu-jkdw
32
vulnerability VCID-yghg-775s-vber
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13
2
url pkg:composer/moodle/moodle@2.8.11
purl pkg:composer/moodle/moodle@2.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11
3
url pkg:composer/moodle/moodle@2.9.5
purl pkg:composer/moodle/moodle@2.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5
4
url pkg:composer/moodle/moodle@3.0.3
purl pkg:composer/moodle/moodle@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fsex-f512-pudv
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k1bh-ymgt-e7cd
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-kgvw-uxf4-wbc1
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s3ue-e5h8-f3dy
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vb67-yux5-ayhf
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-vtq4-fpr8-hudb
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-zgzm-wj81-jkah
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3
aliases CVE-2016-2152, GHSA-6mxm-wpqv-675h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-an53-nu91-k3d7
7
url VCID-bjnq-q2nd-1khp
vulnerability_id VCID-bjnq-q2nd-1khp
summary 
Cross-Site Request Forgery (CSRF)
The login form is not protected by a token to prevent login cross-site request forgery.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16854
reference_id
reference_type
scores
0
value 0.01178
scoring_system epss
scoring_elements 0.79076
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16854
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16854
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16854
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://moodle.org/mod/forum/discuss.php?d=378731
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=378731
5
reference_url http://www.securityfocus.com/bid/106017
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106017
6
reference_url http://www.securitytracker.com/id/1042154
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1042154
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16854
reference_id CVE-2018-16854
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-16854
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.0-beta
purl pkg:composer/moodle/moodle@3.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-duna-st9c-mqbk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k1bh-ymgt-e7cd
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-r6kn-b963-eqge
12
vulnerability VCID-s6uu-335k-yfbc
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-yghg-775s-vber
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta
1
url pkg:composer/moodle/moodle@3.1.15
purl pkg:composer/moodle/moodle@3.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w9ca-exua-g7ar
16
vulnerability VCID-x7rg-rsb5-pya7
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zjrq-np3y-hua5
19
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15
2
url pkg:composer/moodle/moodle@3.3.9
purl pkg:composer/moodle/moodle@3.3.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-qhv1-wgpm-7fh6
8
vulnerability VCID-w9ca-exua-g7ar
9
vulnerability VCID-x7rg-rsb5-pya7
10
vulnerability VCID-y8up-cqtu-jkdw
11
vulnerability VCID-zjrq-np3y-hua5
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.9
3
url pkg:composer/moodle/moodle@3.4.6
purl pkg:composer/moodle/moodle@3.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-deur-8zdf-2kh2
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k73h-z6j8-gkgz
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-qxsq-ku22-r7gx
12
vulnerability VCID-r6kn-b963-eqge
13
vulnerability VCID-s6uu-335k-yfbc
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6
4
url pkg:composer/moodle/moodle@3.5.3
purl pkg:composer/moodle/moodle@3.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-c1a1-z5m1-nfbc
10
vulnerability VCID-deur-8zdf-2kh2
11
vulnerability VCID-dpd2-1sqc-qqfy
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fskk-cb95-uqer
14
vulnerability VCID-gnez-ehgq-rfbr
15
vulnerability VCID-hhzz-hbqz-akfw
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-jcsq-3q5z-4kc6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-kgva-z9gg-u3dw
20
vulnerability VCID-m3np-aebb-8qaa
21
vulnerability VCID-mhm4-8kuk-t7b6
22
vulnerability VCID-mkfz-e1ft-2bcw
23
vulnerability VCID-mqde-66zm-qbbj
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-paj4-nq1r-jbd3
26
vulnerability VCID-pgfa-bkaw-q7cq
27
vulnerability VCID-qhv1-wgpm-7fh6
28
vulnerability VCID-qxsq-ku22-r7gx
29
vulnerability VCID-r6kn-b963-eqge
30
vulnerability VCID-s6uu-335k-yfbc
31
vulnerability VCID-w2b2-fuky-j3ff
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-y8up-cqtu-jkdw
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3
aliases CVE-2018-16854, GHSA-xj5f-qv37-r9jc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bjnq-q2nd-1khp
8
url VCID-duna-st9c-mqbk
vulnerability_id VCID-duna-st9c-mqbk
summary 
Information Exposure
In Moodle, the quiz web services allow students to see quiz results when it is prohibited in the settings.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1044
reference_id
reference_type
scores
0
value 0.00185
scoring_system epss
scoring_elements 0.3998
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1044
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=364383
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=364383
3
reference_url http://www.securityfocus.com/bid/102754
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/102754
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1044
reference_id CVE-2018-1044
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1044
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.10
purl pkg:composer/moodle/moodle@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-p2gd-7uam-mqf8
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qxsq-ku22-r7gx
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10
1
url pkg:composer/moodle/moodle@3.2.7
purl pkg:composer/moodle/moodle@3.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-m4zv-e3dn-budf
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-p2gd-7uam-mqf8
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7
2
url pkg:composer/moodle/moodle@3.3.4
purl pkg:composer/moodle/moodle@3.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-fygy-9njn-abgd
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-mmg3-7fz9-5uak
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-x9vd-njdz-jua9
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4
3
url pkg:composer/moodle/moodle@3.4.1
purl pkg:composer/moodle/moodle@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-fygy-9njn-abgd
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-mmg3-7fz9-5uak
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-qxsq-ku22-r7gx
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s6uu-335k-yfbc
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x9vd-njdz-jua9
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1
aliases CVE-2018-1044, GHSA-332g-xh34-5c96
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-duna-st9c-mqbk
9
url VCID-eaqp-7abt-6kg9
vulnerability_id VCID-eaqp-7abt-6kg9
summary 
Improper Access Control
The `save_submission` function in `mod/assign/externallib.php` in Moodle allows remote authenticated users to bypass intended due-date restrictions by leveraging the student role for a web-service request.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52901
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52901
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2159
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43403
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2159
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/0766509ab02353008af62f953f7ebc0f6210411a
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/0766509ab02353008af62f953f7ebc0f6210411a
4
reference_url https://github.com/moodle/moodle/commit/3c069c16db62d0e0a64137578e92c22d604dd261
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3c069c16db62d0e0a64137578e92c22d604dd261
5
reference_url https://github.com/moodle/moodle/commit/711f9468d4e2792afe0f2025ac98c52ee3e4ee71
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/711f9468d4e2792afe0f2025ac98c52ee3e4ee71
6
reference_url https://github.com/moodle/moodle/commit/dc8421575f35585a7a4fc1c9710dafd1d0483d4e
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/dc8421575f35585a7a4fc1c9710dafd1d0483d4e
7
reference_url https://github.com/moodle/moodle/commit/ea8987644fdbbee291337263598b0c3c7bf27c36
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ea8987644fdbbee291337263598b0c3c7bf27c36
8
reference_url https://moodle.org/mod/forum/discuss.php?d=330182
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=330182
9
reference_url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
10
reference_url http://www.openwall.com/lists/oss-security/2016/03/21/1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/21/1
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2159
reference_id CVE-2016-2159
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2159
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.0-beta
purl pkg:composer/moodle/moodle@2.7.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-r6kn-b963-eqge
18
vulnerability VCID-s6uu-335k-yfbc
19
vulnerability VCID-vb67-yux5-ayhf
20
vulnerability VCID-vfp6-4h8n-bkax
21
vulnerability VCID-w9ca-exua-g7ar
22
vulnerability VCID-x7rg-rsb5-pya7
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-yghg-775s-vber
25
vulnerability VCID-zjrq-np3y-hua5
26
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta
1
url pkg:composer/moodle/moodle@2.7.13
purl pkg:composer/moodle/moodle@2.7.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fsex-f512-pudv
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-k1bh-ymgt-e7cd
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-vtq4-fpr8-hudb
29
vulnerability VCID-w9ca-exua-g7ar
30
vulnerability VCID-x7rg-rsb5-pya7
31
vulnerability VCID-y8up-cqtu-jkdw
32
vulnerability VCID-yghg-775s-vber
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13
2
url pkg:composer/moodle/moodle@2.8.11
purl pkg:composer/moodle/moodle@2.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11
3
url pkg:composer/moodle/moodle@2.9.5
purl pkg:composer/moodle/moodle@2.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5
4
url pkg:composer/moodle/moodle@3.0.3
purl pkg:composer/moodle/moodle@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fsex-f512-pudv
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k1bh-ymgt-e7cd
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-kgvw-uxf4-wbc1
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s3ue-e5h8-f3dy
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vb67-yux5-ayhf
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-vtq4-fpr8-hudb
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-zgzm-wj81-jkah
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3
aliases CVE-2016-2159, GHSA-cw72-69wq-f9f2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eaqp-7abt-6kg9
10
url VCID-eu27-a3px-87ed
vulnerability_id VCID-eu27-a3px-87ed
summary 
Improper Access Control
Teachers in an assignment group could modify group overrides for other groups in the same assignment.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10189
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36022
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10189
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=388570
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388570
4
reference_url http://www.securityfocus.com/bid/109271
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/109271
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10189
reference_id CVE-2019-10189
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10189
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10189, GHSA-h7xp-7fjp-ghhc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eu27-a3px-87ed
11
url VCID-fsex-f512-pudv
vulnerability_id VCID-fsex-f512-pudv
summary 
Injection Vulnerability
In Moodle, text injection can occur in email headers, potentially leading to outbound spam.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5013
reference_id
reference_type
scores
0
value 0.00363
scoring_system epss
scoring_elements 0.58644
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5013
1
reference_url https://github.com/moodle/moodle/commit/ed63718caa48803843a14140d8a27f04aba9c8c4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ed63718caa48803843a14140d8a27f04aba9c8c4
2
reference_url https://moodle.org/mod/forum/discuss.php?d=336698
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=336698
3
reference_url https://web.archive.org/web/20210123154543/http://www.securityfocus.com/bid/92040
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123154543/http://www.securityfocus.com/bid/92040
4
reference_url http://www.securityfocus.com/bid/92040
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/92040
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5013
reference_id CVE-2016-5013
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5013
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.15
purl pkg:composer/moodle/moodle@2.7.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-dhku-uah4-ykh8
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-m4zv-e3dn-budf
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-r6kn-b963-eqge
20
vulnerability VCID-s6uu-335k-yfbc
21
vulnerability VCID-vb67-yux5-ayhf
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-vtq4-fpr8-hudb
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.15
1
url pkg:composer/moodle/moodle@2.9.0-beta
purl pkg:composer/moodle/moodle@2.9.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k1bh-ymgt-e7cd
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta
2
url pkg:composer/moodle/moodle@2.9.7
purl pkg:composer/moodle/moodle@2.9.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k1bh-ymgt-e7cd
10
vulnerability VCID-k73h-z6j8-gkgz
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-m4zv-e3dn-budf
13
vulnerability VCID-mkfz-e1ft-2bcw
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-qhv1-wgpm-7fh6
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vb67-yux5-ayhf
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-yghg-775s-vber
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.7
3
url pkg:composer/moodle/moodle@3.0.5
purl pkg:composer/moodle/moodle@3.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-dhku-uah4-ykh8
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s6uu-335k-yfbc
22
vulnerability VCID-vb67-yux5-ayhf
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-vtq4-fpr8-hudb
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.5
4
url pkg:composer/moodle/moodle@3.1.1
purl pkg:composer/moodle/moodle@3.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-336n-hpzg-euhd
3
vulnerability VCID-4rz2-b4e3-87g5
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-8mgr-gdzj-4ybs
8
vulnerability VCID-9nd7-4wve-97hc
9
vulnerability VCID-9t4u-n1pn-w3bd
10
vulnerability VCID-a6pb-47tu-afcg
11
vulnerability VCID-ajkr-fxa1-mkhk
12
vulnerability VCID-b7br-bh2d-rygp
13
vulnerability VCID-bjnq-q2nd-1khp
14
vulnerability VCID-ckg1-9vpt-yfdk
15
vulnerability VCID-deur-8zdf-2kh2
16
vulnerability VCID-dhku-uah4-ykh8
17
vulnerability VCID-duna-st9c-mqbk
18
vulnerability VCID-e2zc-7ujn-wybu
19
vulnerability VCID-eu27-a3px-87ed
20
vulnerability VCID-fegs-ubsk-63hu
21
vulnerability VCID-g8ct-c4ce-zuaf
22
vulnerability VCID-jcq6-btgz-fkf6
23
vulnerability VCID-jn5n-6hg9-tyf7
24
vulnerability VCID-k1bh-ymgt-e7cd
25
vulnerability VCID-k73h-z6j8-gkgz
26
vulnerability VCID-m3np-aebb-8qaa
27
vulnerability VCID-m4zv-e3dn-budf
28
vulnerability VCID-mkfz-e1ft-2bcw
29
vulnerability VCID-nntc-dsz1-e3fp
30
vulnerability VCID-p2gd-7uam-mqf8
31
vulnerability VCID-q2fa-jymp-c3bb
32
vulnerability VCID-qhv1-wgpm-7fh6
33
vulnerability VCID-qxsq-ku22-r7gx
34
vulnerability VCID-r6kn-b963-eqge
35
vulnerability VCID-s6uu-335k-yfbc
36
vulnerability VCID-vb67-yux5-ayhf
37
vulnerability VCID-vfp6-4h8n-bkax
38
vulnerability VCID-vtq4-fpr8-hudb
39
vulnerability VCID-w9ca-exua-g7ar
40
vulnerability VCID-x7rg-rsb5-pya7
41
vulnerability VCID-x927-nh46-7fdy
42
vulnerability VCID-y8up-cqtu-jkdw
43
vulnerability VCID-yghg-775s-vber
44
vulnerability VCID-yp82-zj5g-pbaf
45
vulnerability VCID-zgzm-wj81-jkah
46
vulnerability VCID-zjrq-np3y-hua5
47
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.1
aliases CVE-2016-5013, GHSA-2hh3-jmv8-5fmx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fsex-f512-pudv
12
url VCID-jcq6-btgz-fkf6
vulnerability_id VCID-jcq6-btgz-fkf6
summary 
Cross-site Scripting
It was found in Moodle that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20183
reference_id
reference_type
scores
0
value 0.00455
scoring_system epss
scoring_elements 0.64171
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20183
1
reference_url https://github.com/moodle/moodle/commit/dc9de7b0d487b73c23c221dc0b8b6e01654921f3
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/dc9de7b0d487b73c23c221dc0b8b6e01654921f3
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417166
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417166
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20183
reference_id CVE-2021-20183
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20183
fixed_packages
0
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
1
url pkg:composer/moodle/moodle@4.0.0-beta
purl pkg:composer/moodle/moodle@4.0.0-beta
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.0-beta
aliases CVE-2021-20183, GHSA-xhfx-rm8q-c3xv
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jcq6-btgz-fkf6
13
url VCID-k1bh-ymgt-e7cd
vulnerability_id VCID-k1bh-ymgt-e7cd
summary 
Unrestricted Upload of File with Dangerous Type
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9187
reference_id
reference_type
scores
0
value 0.02078
scoring_system epss
scoring_elements 0.84283
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9187
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://packetstormsecurity.com/files/139466/Moodle-CMS-3.1.2-Cross-Site-Scripting-File-Upload.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/139466/Moodle-CMS-3.1.2-Cross-Site-Scripting-File-Upload.html
3
reference_url http://www.securityfocus.com/bid/94191
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94191
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9187
reference_id CVE-2016-9187
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9187
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.3
purl pkg:composer/moodle/moodle@3.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-336n-hpzg-euhd
3
vulnerability VCID-4rz2-b4e3-87g5
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-8mgr-gdzj-4ybs
8
vulnerability VCID-9nd7-4wve-97hc
9
vulnerability VCID-9t4u-n1pn-w3bd
10
vulnerability VCID-a6pb-47tu-afcg
11
vulnerability VCID-ajkr-fxa1-mkhk
12
vulnerability VCID-b7br-bh2d-rygp
13
vulnerability VCID-bjnq-q2nd-1khp
14
vulnerability VCID-ckg1-9vpt-yfdk
15
vulnerability VCID-deur-8zdf-2kh2
16
vulnerability VCID-dhku-uah4-ykh8
17
vulnerability VCID-duna-st9c-mqbk
18
vulnerability VCID-e2zc-7ujn-wybu
19
vulnerability VCID-eu27-a3px-87ed
20
vulnerability VCID-fegs-ubsk-63hu
21
vulnerability VCID-g8ct-c4ce-zuaf
22
vulnerability VCID-jcq6-btgz-fkf6
23
vulnerability VCID-jn5n-6hg9-tyf7
24
vulnerability VCID-k73h-z6j8-gkgz
25
vulnerability VCID-m3np-aebb-8qaa
26
vulnerability VCID-m4zv-e3dn-budf
27
vulnerability VCID-mkfz-e1ft-2bcw
28
vulnerability VCID-nntc-dsz1-e3fp
29
vulnerability VCID-p2gd-7uam-mqf8
30
vulnerability VCID-q2fa-jymp-c3bb
31
vulnerability VCID-qhv1-wgpm-7fh6
32
vulnerability VCID-qxsq-ku22-r7gx
33
vulnerability VCID-r6kn-b963-eqge
34
vulnerability VCID-s6uu-335k-yfbc
35
vulnerability VCID-vfp6-4h8n-bkax
36
vulnerability VCID-vtq4-fpr8-hudb
37
vulnerability VCID-w9ca-exua-g7ar
38
vulnerability VCID-x7rg-rsb5-pya7
39
vulnerability VCID-x927-nh46-7fdy
40
vulnerability VCID-y8up-cqtu-jkdw
41
vulnerability VCID-yghg-775s-vber
42
vulnerability VCID-yp82-zj5g-pbaf
43
vulnerability VCID-zgzm-wj81-jkah
44
vulnerability VCID-zjrq-np3y-hua5
45
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.3
aliases CVE-2016-9187, GHSA-58fm-v4pr-jh8p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k1bh-ymgt-e7cd
14
url VCID-k6pw-51st-b3d2
vulnerability_id VCID-k6pw-51st-b3d2
summary 
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in the `advanced-search` feature in `mod_data` in Moodle allows remote attackers to inject arbitrary web script or HTML via a crafted field in a URL.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52727
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52727
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2153
reference_id
reference_type
scores
0
value 0.00223
scoring_system epss
scoring_elements 0.44992
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2153
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/87e60e529939c60ef5b07d70c37426d359b2e8a2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/87e60e529939c60ef5b07d70c37426d359b2e8a2
4
reference_url https://github.com/moodle/moodle/commit/8f95eac1634b4d84053cef52a03065e620d6adf2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/8f95eac1634b4d84053cef52a03065e620d6adf2
5
reference_url https://github.com/moodle/moodle/commit/a5fae3b0d21cc85a7ea2d2c2af8c7fc9acf2fd92
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a5fae3b0d21cc85a7ea2d2c2af8c7fc9acf2fd92
6
reference_url https://github.com/moodle/moodle/commit/de60fc23aeeef5631d5718469124af3257383ead
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/de60fc23aeeef5631d5718469124af3257383ead
7
reference_url https://github.com/moodle/moodle/commit/ead2dd9c161fcfde04ee1fa602e9101a47c53503
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ead2dd9c161fcfde04ee1fa602e9101a47c53503
8
reference_url https://moodle.org/mod/forum/discuss.php?d=330175
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=330175
9
reference_url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
10
reference_url http://www.openwall.com/lists/oss-security/2016/03/21/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/21/1
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2153
reference_id CVE-2016-2153
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2153
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.0-beta
purl pkg:composer/moodle/moodle@2.7.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-r6kn-b963-eqge
18
vulnerability VCID-s6uu-335k-yfbc
19
vulnerability VCID-vb67-yux5-ayhf
20
vulnerability VCID-vfp6-4h8n-bkax
21
vulnerability VCID-w9ca-exua-g7ar
22
vulnerability VCID-x7rg-rsb5-pya7
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-yghg-775s-vber
25
vulnerability VCID-zjrq-np3y-hua5
26
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta
1
url pkg:composer/moodle/moodle@2.7.13
purl pkg:composer/moodle/moodle@2.7.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fsex-f512-pudv
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-k1bh-ymgt-e7cd
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-vtq4-fpr8-hudb
29
vulnerability VCID-w9ca-exua-g7ar
30
vulnerability VCID-x7rg-rsb5-pya7
31
vulnerability VCID-y8up-cqtu-jkdw
32
vulnerability VCID-yghg-775s-vber
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13
2
url pkg:composer/moodle/moodle@2.8.11
purl pkg:composer/moodle/moodle@2.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11
3
url pkg:composer/moodle/moodle@2.9.5
purl pkg:composer/moodle/moodle@2.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5
4
url pkg:composer/moodle/moodle@3.0.3
purl pkg:composer/moodle/moodle@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fsex-f512-pudv
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k1bh-ymgt-e7cd
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-kgvw-uxf4-wbc1
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s3ue-e5h8-f3dy
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vb67-yux5-ayhf
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-vtq4-fpr8-hudb
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-zgzm-wj81-jkah
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3
aliases CVE-2016-2153, GHSA-mj85-3hqq-r6r9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6pw-51st-b3d2
15
url VCID-k73h-z6j8-gkgz
vulnerability_id VCID-k73h-z6j8-gkgz
summary 
Information Exposure
The `/userpix/` page did not escape users' full names, which are included as text when hovering over profile images. Note this page is not linked to by default and its access is restricted.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64372
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64372
1
reference_url http://packetstormsecurity.com/files/162399/Moodle-3.6.1-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/162399/Moodle-3.6.1-Cross-Site-Scripting.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3810
reference_id
reference_type
scores
0
value 0.08385
scoring_system epss
scoring_elements 0.92457
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3810
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3810
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3810
4
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
5
reference_url https://moodle.org/mod/forum/discuss.php?d=381230#p1536767
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=381230#p1536767
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49814.txt
reference_id CVE-2019-3810
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49814.txt
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3810
reference_id CVE-2019-3810
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3810
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.0-beta
purl pkg:composer/moodle/moodle@3.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-duna-st9c-mqbk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k1bh-ymgt-e7cd
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-r6kn-b963-eqge
12
vulnerability VCID-s6uu-335k-yfbc
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-yghg-775s-vber
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta
1
url pkg:composer/moodle/moodle@3.1.15
purl pkg:composer/moodle/moodle@3.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w9ca-exua-g7ar
16
vulnerability VCID-x7rg-rsb5-pya7
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zjrq-np3y-hua5
19
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15
2
url pkg:composer/moodle/moodle@3.1.16
purl pkg:composer/moodle/moodle@3.1.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-r6kn-b963-eqge
11
vulnerability VCID-s6uu-335k-yfbc
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zjrq-np3y-hua5
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.16
3
url pkg:composer/moodle/moodle@3.4.6
purl pkg:composer/moodle/moodle@3.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-deur-8zdf-2kh2
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k73h-z6j8-gkgz
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-qxsq-ku22-r7gx
12
vulnerability VCID-r6kn-b963-eqge
13
vulnerability VCID-s6uu-335k-yfbc
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6
4
url pkg:composer/moodle/moodle@3.4.7
purl pkg:composer/moodle/moodle@3.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-r6kn-b963-eqge
11
vulnerability VCID-s6uu-335k-yfbc
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zjrq-np3y-hua5
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.7
5
url pkg:composer/moodle/moodle@3.5.3
purl pkg:composer/moodle/moodle@3.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-c1a1-z5m1-nfbc
10
vulnerability VCID-deur-8zdf-2kh2
11
vulnerability VCID-dpd2-1sqc-qqfy
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fskk-cb95-uqer
14
vulnerability VCID-gnez-ehgq-rfbr
15
vulnerability VCID-hhzz-hbqz-akfw
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-jcsq-3q5z-4kc6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-kgva-z9gg-u3dw
20
vulnerability VCID-m3np-aebb-8qaa
21
vulnerability VCID-mhm4-8kuk-t7b6
22
vulnerability VCID-mkfz-e1ft-2bcw
23
vulnerability VCID-mqde-66zm-qbbj
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-paj4-nq1r-jbd3
26
vulnerability VCID-pgfa-bkaw-q7cq
27
vulnerability VCID-qhv1-wgpm-7fh6
28
vulnerability VCID-qxsq-ku22-r7gx
29
vulnerability VCID-r6kn-b963-eqge
30
vulnerability VCID-s6uu-335k-yfbc
31
vulnerability VCID-w2b2-fuky-j3ff
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-y8up-cqtu-jkdw
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3
6
url pkg:composer/moodle/moodle@3.5.4
purl pkg:composer/moodle/moodle@3.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-akv3-zfp8-kkc7
7
vulnerability VCID-bbj9-hpz3-xqhh
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-dpd2-1sqc-qqfy
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fskk-cb95-uqer
13
vulnerability VCID-gnez-ehgq-rfbr
14
vulnerability VCID-hhzz-hbqz-akfw
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-jcsq-3q5z-4kc6
17
vulnerability VCID-kgva-z9gg-u3dw
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-mhm4-8kuk-t7b6
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-mqde-66zm-qbbj
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-paj4-nq1r-jbd3
24
vulnerability VCID-pgfa-bkaw-q7cq
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-w2b2-fuky-j3ff
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.4
7
url pkg:composer/moodle/moodle@3.6.1
purl pkg:composer/moodle/moodle@3.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-akv3-zfp8-kkc7
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-hhzz-hbqz-akfw
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-kgva-z9gg-u3dw
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-n5tc-1k33-dfeq
12
vulnerability VCID-paj4-nq1r-jbd3
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-qxsq-ku22-r7gx
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-w2b2-fuky-j3ff
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.1
8
url pkg:composer/moodle/moodle@3.6.2
purl pkg:composer/moodle/moodle@3.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-akv3-zfp8-kkc7
3
vulnerability VCID-deur-8zdf-2kh2
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-hhzz-hbqz-akfw
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-kgva-z9gg-u3dw
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-n5tc-1k33-dfeq
10
vulnerability VCID-paj4-nq1r-jbd3
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w2b2-fuky-j3ff
16
vulnerability VCID-w9ca-exua-g7ar
17
vulnerability VCID-x7rg-rsb5-pya7
18
vulnerability VCID-y8up-cqtu-jkdw
19
vulnerability VCID-zjrq-np3y-hua5
20
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.2
aliases CVE-2019-3810, GHSA-wm4w-8vc6-2j4h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k73h-z6j8-gkgz
16
url VCID-m3np-aebb-8qaa
vulnerability_id VCID-m3np-aebb-8qaa
summary 
Improper Access Control
A web service fetching messages was not restricted to the current user's conversations.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10154
reference_id
reference_type
scores
0
value 0.00236
scoring_system epss
scoring_elements 0.4672
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10154
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10154
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10154
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/2904a7f851da8e66be12f41d55068bf07817fbd6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/2904a7f851da8e66be12f41d55068bf07817fbd6
4
reference_url https://github.com/moodle/moodle/commit/a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c
5
reference_url https://moodle.org/mod/forum/discuss.php?d=386521
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=386521
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10154
reference_id CVE-2019-10154
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10154
fixed_packages
0
url pkg:composer/moodle/moodle@3.6.4
purl pkg:composer/moodle/moodle@3.6.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-hhzz-hbqz-akfw
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-kgva-z9gg-u3dw
6
vulnerability VCID-n5tc-1k33-dfeq
7
vulnerability VCID-paj4-nq1r-jbd3
8
vulnerability VCID-w2b2-fuky-j3ff
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.4
aliases CVE-2019-10154, GHSA-ww45-x87c-wgff
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3np-aebb-8qaa
17
url VCID-m4zv-e3dn-budf
vulnerability_id VCID-m4zv-e3dn-budf
summary 
Improper Access Control
Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was verified, otherwise admin email can be spammed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1081
reference_id
reference_type
scores
0
value 0.00927
scoring_system epss
scoring_elements 0.76428
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1081
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-61392
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-61392
3
reference_url https://moodle.org/mod/forum/discuss.php?d=367938
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=367938
4
reference_url http://www.securityfocus.com/bid/103728
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103728
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1081
reference_id CVE-2018-1081
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1081
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.0-beta
purl pkg:composer/moodle/moodle@3.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-duna-st9c-mqbk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k1bh-ymgt-e7cd
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-r6kn-b963-eqge
12
vulnerability VCID-s6uu-335k-yfbc
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-yghg-775s-vber
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta
1
url pkg:composer/moodle/moodle@3.1.11
purl pkg:composer/moodle/moodle@3.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-p2gd-7uam-mqf8
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-qxsq-ku22-r7gx
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-zjrq-np3y-hua5
28
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.11
2
url pkg:composer/moodle/moodle@3.2.8
purl pkg:composer/moodle/moodle@3.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-p2gd-7uam-mqf8
12
vulnerability VCID-qhv1-wgpm-7fh6
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-zjrq-np3y-hua5
17
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.8
3
url pkg:composer/moodle/moodle@3.3.5
purl pkg:composer/moodle/moodle@3.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-g8ct-c4ce-zuaf
10
vulnerability VCID-jcq6-btgz-fkf6
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-mmg3-7fz9-5uak
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-p2gd-7uam-mqf8
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-x9vd-njdz-jua9
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.5
4
url pkg:composer/moodle/moodle@3.4.2
purl pkg:composer/moodle/moodle@3.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-g8ct-c4ce-zuaf
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mmg3-7fz9-5uak
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-p2gd-7uam-mqf8
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-qxsq-ku22-r7gx
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-x9vd-njdz-jua9
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.2
aliases CVE-2018-1081, GHSA-v9xq-vh72-chr4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4zv-e3dn-budf
18
url VCID-mkfz-e1ft-2bcw
vulnerability_id VCID-mkfz-e1ft-2bcw
summary 
Code Injection
It was found in Moodle that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20187
reference_id
reference_type
scores
0
value 0.00679
scoring_system epss
scoring_elements 0.7197
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20187
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417171
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417171
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20187
reference_id CVE-2021-20187
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20187
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.16
purl pkg:composer/moodle/moodle@3.5.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
6
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16
1
url pkg:composer/moodle/moodle@3.8.7
purl pkg:composer/moodle/moodle@3.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7
2
url pkg:composer/moodle/moodle@3.9.4
purl pkg:composer/moodle/moodle@3.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4
3
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
aliases CVE-2021-20187, GHSA-2jrm-gww7-wch2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkfz-e1ft-2bcw
19
url VCID-nntc-dsz1-e3fp
vulnerability_id VCID-nntc-dsz1-e3fp
summary 
Cross-site Scripting
It was found in Moodle that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20186
reference_id
reference_type
scores
0
value 0.0053
scoring_system epss
scoring_elements 0.67569
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20186
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417170
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417170
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20186
reference_id CVE-2021-20186
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20186
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.16
purl pkg:composer/moodle/moodle@3.5.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
6
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16
1
url pkg:composer/moodle/moodle@3.8.7
purl pkg:composer/moodle/moodle@3.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7
2
url pkg:composer/moodle/moodle@3.9.4
purl pkg:composer/moodle/moodle@3.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4
3
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
aliases CVE-2021-20186, GHSA-h8m4-h385-qhqv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nntc-dsz1-e3fp
20
url VCID-qhv1-wgpm-7fh6
vulnerability_id VCID-qhv1-wgpm-7fh6
summary 
Improper Authorization
Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3849
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59366
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3849
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3849
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3849
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/427463a52574e4b3bcbe1c65c49066438770641e
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/427463a52574e4b3bcbe1c65c49066438770641e
4
reference_url https://github.com/moodle/moodle/commit/430f685834cef190bdf58afabe79e765d596890d
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/430f685834cef190bdf58afabe79e765d596890d
5
reference_url https://github.com/moodle/moodle/commit/723d1a747555b795ed53a0fad01da455797bb78f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/723d1a747555b795ed53a0fad01da455797bb78f
6
reference_url https://github.com/moodle/moodle/commit/898d5d05a0c3ae6795db0241bf3cb5951213d45c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/898d5d05a0c3ae6795db0241bf3cb5951213d45c
7
reference_url https://github.com/moodle/moodle/commit/b77dcd23d8e39265b5c096f0d947764c02d832c8
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/b77dcd23d8e39265b5c096f0d947764c02d832c8
8
reference_url https://github.com/moodle/moodle/commit/cd3060d941a051931eb2613b25bafb0108665895
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cd3060d941a051931eb2613b25bafb0108665895
9
reference_url https://github.com/moodle/moodle/commit/fba7dcd90abd45210d782a79c6e25bb3840c7438
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/fba7dcd90abd45210d782a79c6e25bb3840c7438
10
reference_url https://moodle.org/mod/forum/discuss.php?d=384012#p1547744
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384012#p1547744
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3849
reference_id CVE-2019-3849
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3849
fixed_packages
0
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
1
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
2
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3849, GHSA-5wg9-5w3f-hxmh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qhv1-wgpm-7fh6
21
url VCID-qpu2-8paz-7ydv
vulnerability_id VCID-qpu2-8paz-7ydv
summary 
Exposure of Sensitive Information to an Unauthorized Actor
The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) using a screen reader or (2) reading the HTML source.
references
0
reference_url http://openwall.com/lists/oss-security/2014/05/19/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/05/19/1
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0215
reference_id
reference_type
scores
0
value 0.00199
scoring_system epss
scoring_elements 0.41837
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0215
2
reference_url https://moodle.org/mod/forum/discuss.php?d=260363
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=260363
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0215
reference_id CVE-2014-0215
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0215
4
reference_url https://github.com/advisories/GHSA-2fmv-j5xj-4fmq
reference_id GHSA-2fmv-j5xj-4fmq
reference_type
scores
url https://github.com/advisories/GHSA-2fmv-j5xj-4fmq
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.6
purl pkg:composer/moodle/moodle@2.5.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-h8xn-n98n-qqdv
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-qxyw-7hnt-hqd6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s6uu-335k-yfbc
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.6
1
url pkg:composer/moodle/moodle@2.7.0
purl pkg:composer/moodle/moodle@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ehh-qz6c-ykhp
1
vulnerability VCID-1rar-m2g3-27ag
2
vulnerability VCID-1z6j-fs6f-eua1
3
vulnerability VCID-29yj-e9bd-queq
4
vulnerability VCID-2dxb-v1af-jbax
5
vulnerability VCID-2s6b-tp6p-gue1
6
vulnerability VCID-2y3m-yuaj-vkf2
7
vulnerability VCID-37j1-ym2f-1fbc
8
vulnerability VCID-37pj-u3gh-n7fd
9
vulnerability VCID-3xwm-hqap-8bct
10
vulnerability VCID-46jw-xjbu-b3f1
11
vulnerability VCID-4cx7-eaax-8uhr
12
vulnerability VCID-4kq5-ctsv-eka8
13
vulnerability VCID-5c29-qn3p-3yde
14
vulnerability VCID-5nfq-4syg-87da
15
vulnerability VCID-5rbf-4dz3-2qdz
16
vulnerability VCID-5vx4-qtb2-fqe9
17
vulnerability VCID-62yh-cpfr-9bb1
18
vulnerability VCID-65y9-9ur2-pugc
19
vulnerability VCID-83kb-4mk9-t7ge
20
vulnerability VCID-8cc1-hbzm-87bx
21
vulnerability VCID-8q4n-d565-kfbn
22
vulnerability VCID-95mq-m2jz-a3ab
23
vulnerability VCID-9z66-z9af-17f7
24
vulnerability VCID-a3pu-x51u-1udr
25
vulnerability VCID-a6pb-47tu-afcg
26
vulnerability VCID-ajkr-fxa1-mkhk
27
vulnerability VCID-an53-nu91-k3d7
28
vulnerability VCID-aqc8-tmeg-9fdd
29
vulnerability VCID-b9ej-hx7z-1bb8
30
vulnerability VCID-bfmx-cwap-8yhp
31
vulnerability VCID-bjnq-q2nd-1khp
32
vulnerability VCID-czph-uxwr-5uge
33
vulnerability VCID-d3yp-gq4c-vyf8
34
vulnerability VCID-dhku-uah4-ykh8
35
vulnerability VCID-duna-st9c-mqbk
36
vulnerability VCID-ea5s-xphb-6ub7
37
vulnerability VCID-eaqp-7abt-6kg9
38
vulnerability VCID-emu7-jhv2-zqb8
39
vulnerability VCID-eu27-a3px-87ed
40
vulnerability VCID-evke-m8nn-6ua3
41
vulnerability VCID-fsex-f512-pudv
42
vulnerability VCID-fumj-9pun-zfc5
43
vulnerability VCID-g4hn-yz26-1beb
44
vulnerability VCID-gvan-87dt-b7fp
45
vulnerability VCID-h8xn-n98n-qqdv
46
vulnerability VCID-hbky-xx53-vkct
47
vulnerability VCID-hck4-emsr-q7dc
48
vulnerability VCID-j11s-2mhg-pfdn
49
vulnerability VCID-jcq6-btgz-fkf6
50
vulnerability VCID-k1bh-ymgt-e7cd
51
vulnerability VCID-k6pw-51st-b3d2
52
vulnerability VCID-k73h-z6j8-gkgz
53
vulnerability VCID-kgvw-uxf4-wbc1
54
vulnerability VCID-krn6-pwk5-ake2
55
vulnerability VCID-kzwd-2e6n-fkbm
56
vulnerability VCID-m3np-aebb-8qaa
57
vulnerability VCID-m4zv-e3dn-budf
58
vulnerability VCID-mkfz-e1ft-2bcw
59
vulnerability VCID-n9uc-b76m-8fbs
60
vulnerability VCID-nfdb-m7rg-47ca
61
vulnerability VCID-nntc-dsz1-e3fp
62
vulnerability VCID-qhv1-wgpm-7fh6
63
vulnerability VCID-qxyw-7hnt-hqd6
64
vulnerability VCID-r3f7-9paf-83ht
65
vulnerability VCID-r6kn-b963-eqge
66
vulnerability VCID-r88h-mteg-yka9
67
vulnerability VCID-rdfn-52p2-afa7
68
vulnerability VCID-rscq-xx52-2ua8
69
vulnerability VCID-s3bw-w61k-eqhy
70
vulnerability VCID-s3ue-e5h8-f3dy
71
vulnerability VCID-s5cy-eva4-wbaf
72
vulnerability VCID-s6uu-335k-yfbc
73
vulnerability VCID-tmwc-f872-mufw
74
vulnerability VCID-ucg8-htfc-2bhn
75
vulnerability VCID-uptz-tj66-7yfk
76
vulnerability VCID-uvgt-7m5a-xkdc
77
vulnerability VCID-v4qm-48kk-pfaz
78
vulnerability VCID-v54t-5thx-1beu
79
vulnerability VCID-v6ha-ekxw-7bfr
80
vulnerability VCID-v7zm-cw8w-6yf8
81
vulnerability VCID-vb67-yux5-ayhf
82
vulnerability VCID-vda3-4fgr-gfbw
83
vulnerability VCID-vfp6-4h8n-bkax
84
vulnerability VCID-vs2j-b4qg-nbgu
85
vulnerability VCID-vtq4-fpr8-hudb
86
vulnerability VCID-w9ca-exua-g7ar
87
vulnerability VCID-wavt-rrws-3yhs
88
vulnerability VCID-wawr-t9dc-33fj
89
vulnerability VCID-x7rg-rsb5-pya7
90
vulnerability VCID-xmm4-zw49-3feh
91
vulnerability VCID-xnmk-jah2-ufce
92
vulnerability VCID-xy2y-yxfu-xfgm
93
vulnerability VCID-y2vh-7r7h-9ugu
94
vulnerability VCID-y8up-cqtu-jkdw
95
vulnerability VCID-yghg-775s-vber
96
vulnerability VCID-zjrq-np3y-hua5
97
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0
aliases CVE-2014-0215, GHSA-2fmv-j5xj-4fmq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpu2-8paz-7ydv
22
url VCID-r6kn-b963-eqge
vulnerability_id VCID-r6kn-b963-eqge
summary 
URL Redirection to Untrusted Site (Open Redirect)
Links within assignment submission comments would open directly (in the same window). Although links themselves may be valid, opening within the same window and without the no-referrer header policy made them more susceptible to exploits.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3850
reference_id
reference_type
scores
0
value 0.00072
scoring_system epss
scoring_elements 0.22031
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3850
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3850
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3850
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/1fc481dd7b09e08e85824c1fe6733b303a36bdce
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/1fc481dd7b09e08e85824c1fe6733b303a36bdce
4
reference_url https://github.com/moodle/moodle/commit/772c908d40a944efd91d897d524b255626d330d4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/772c908d40a944efd91d897d524b255626d330d4
5
reference_url https://github.com/moodle/moodle/commit/907b377e51c32ea37feef53e10684b504e103273
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/907b377e51c32ea37feef53e10684b504e103273
6
reference_url https://github.com/moodle/moodle/commit/d3f2f990dd3c5d4e6073a77154c6423d1c304647
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/d3f2f990dd3c5d4e6073a77154c6423d1c304647
7
reference_url https://moodle.org/mod/forum/discuss.php?d=384013#p1547745
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384013#p1547745
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3850
reference_id CVE-2019-3850
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3850
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.17
purl pkg:composer/moodle/moodle@3.1.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-w9ca-exua-g7ar
11
vulnerability VCID-x7rg-rsb5-pya7
12
vulnerability VCID-y8up-cqtu-jkdw
13
vulnerability VCID-zjrq-np3y-hua5
14
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17
1
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
2
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
3
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3850, GHSA-3fj7-9j8m-7r8g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r6kn-b963-eqge
23
url VCID-s6uu-335k-yfbc
vulnerability_id VCID-s6uu-335k-yfbc
summary 
Improper Input Validation
Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3847
reference_id
reference_type
scores
0
value 0.00867
scoring_system epss
scoring_elements 0.75516
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3847
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3847
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3847
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/070f24d006eab6b958eb083530de159b43c538ed
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/070f24d006eab6b958eb083530de159b43c538ed
4
reference_url https://github.com/moodle/moodle/commit/93dda3bfd3caaaa8d23fe8ede543f27ef774958d
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/93dda3bfd3caaaa8d23fe8ede543f27ef774958d
5
reference_url https://github.com/moodle/moodle/commit/a37e26d2efe1ca0e4d8d69c611a748af35b33674
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a37e26d2efe1ca0e4d8d69c611a748af35b33674
6
reference_url https://github.com/moodle/moodle/commit/e836242e1c04cd62d0afa4a790074fd245628e7a
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/e836242e1c04cd62d0afa4a790074fd245628e7a
7
reference_url https://github.com/moodle/moodle/commit/ec3b63c772d6448765c68268234cf36c1a91bcac
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ec3b63c772d6448765c68268234cf36c1a91bcac
8
reference_url https://moodle.org/mod/forum/discuss.php?d=384010#p1547742
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384010#p1547742
9
reference_url https://web.archive.org/web/20200227082922/http://www.securityfocus.com/bid/107489
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227082922/http://www.securityfocus.com/bid/107489
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3847
reference_id CVE-2019-3847
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3847
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.17
purl pkg:composer/moodle/moodle@3.1.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-w9ca-exua-g7ar
11
vulnerability VCID-x7rg-rsb5-pya7
12
vulnerability VCID-y8up-cqtu-jkdw
13
vulnerability VCID-zjrq-np3y-hua5
14
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17
1
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
2
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
3
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3847, GHSA-qrcj-6fjw-3h9h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s6uu-335k-yfbc
24
url VCID-vb67-yux5-ayhf
vulnerability_id VCID-vb67-yux5-ayhf
summary 
Weak Password Recovery Mechanism for Forgotten Password
In Moodle, web service tokens are not invalidated when the user password is changed or forced to be changed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7038
reference_id
reference_type
scores
0
value 0.00243
scoring_system epss
scoring_elements 0.47695
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7038
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=339631
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=339631
3
reference_url http://www.securityfocus.com/bid/93174
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/93174
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7038
reference_id CVE-2016-7038
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7038
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.16
purl pkg:composer/moodle/moodle@2.7.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-dhku-uah4-ykh8
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-m4zv-e3dn-budf
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-r6kn-b963-eqge
20
vulnerability VCID-s6uu-335k-yfbc
21
vulnerability VCID-v54t-5thx-1beu
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-vtq4-fpr8-hudb
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.16
1
url pkg:composer/moodle/moodle@2.9.0-beta
purl pkg:composer/moodle/moodle@2.9.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k1bh-ymgt-e7cd
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta
2
url pkg:composer/moodle/moodle@2.9.8
purl pkg:composer/moodle/moodle@2.9.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k1bh-ymgt-e7cd
10
vulnerability VCID-k73h-z6j8-gkgz
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-m4zv-e3dn-budf
13
vulnerability VCID-mkfz-e1ft-2bcw
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-qhv1-wgpm-7fh6
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-v54t-5thx-1beu
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-yghg-775s-vber
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.8
3
url pkg:composer/moodle/moodle@3.0.6
purl pkg:composer/moodle/moodle@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-dhku-uah4-ykh8
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s6uu-335k-yfbc
22
vulnerability VCID-v54t-5thx-1beu
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-vtq4-fpr8-hudb
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.6
4
url pkg:composer/moodle/moodle@3.1.2
purl pkg:composer/moodle/moodle@3.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-336n-hpzg-euhd
3
vulnerability VCID-4rz2-b4e3-87g5
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-8mgr-gdzj-4ybs
8
vulnerability VCID-9nd7-4wve-97hc
9
vulnerability VCID-9t4u-n1pn-w3bd
10
vulnerability VCID-a6pb-47tu-afcg
11
vulnerability VCID-ajkr-fxa1-mkhk
12
vulnerability VCID-b7br-bh2d-rygp
13
vulnerability VCID-bjnq-q2nd-1khp
14
vulnerability VCID-ckg1-9vpt-yfdk
15
vulnerability VCID-deur-8zdf-2kh2
16
vulnerability VCID-dhku-uah4-ykh8
17
vulnerability VCID-duna-st9c-mqbk
18
vulnerability VCID-e2zc-7ujn-wybu
19
vulnerability VCID-eu27-a3px-87ed
20
vulnerability VCID-fegs-ubsk-63hu
21
vulnerability VCID-g8ct-c4ce-zuaf
22
vulnerability VCID-jcq6-btgz-fkf6
23
vulnerability VCID-jn5n-6hg9-tyf7
24
vulnerability VCID-k1bh-ymgt-e7cd
25
vulnerability VCID-k73h-z6j8-gkgz
26
vulnerability VCID-m3np-aebb-8qaa
27
vulnerability VCID-m4zv-e3dn-budf
28
vulnerability VCID-mkfz-e1ft-2bcw
29
vulnerability VCID-nntc-dsz1-e3fp
30
vulnerability VCID-p2gd-7uam-mqf8
31
vulnerability VCID-q2fa-jymp-c3bb
32
vulnerability VCID-qhv1-wgpm-7fh6
33
vulnerability VCID-qxsq-ku22-r7gx
34
vulnerability VCID-r6kn-b963-eqge
35
vulnerability VCID-s6uu-335k-yfbc
36
vulnerability VCID-v54t-5thx-1beu
37
vulnerability VCID-vfp6-4h8n-bkax
38
vulnerability VCID-vtq4-fpr8-hudb
39
vulnerability VCID-w9ca-exua-g7ar
40
vulnerability VCID-x7rg-rsb5-pya7
41
vulnerability VCID-x927-nh46-7fdy
42
vulnerability VCID-y8up-cqtu-jkdw
43
vulnerability VCID-yghg-775s-vber
44
vulnerability VCID-yp82-zj5g-pbaf
45
vulnerability VCID-zgzm-wj81-jkah
46
vulnerability VCID-zjrq-np3y-hua5
47
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.2
aliases CVE-2016-7038, GHSA-2phx-w35g-x9vm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vb67-yux5-ayhf
25
url VCID-vfp6-4h8n-bkax
vulnerability_id VCID-vfp6-4h8n-bkax
summary 
Code Injection
Moodle is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy `drag and drop into text` (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-62880
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-62880
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14630
reference_id
reference_type
scores
0
value 0.01859
scoring_system epss
scoring_elements 0.83401
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14630
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14630
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14630
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/09cbca8566a388e8f0a1a0cfd86cd0667088ed2c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/09cbca8566a388e8f0a1a0cfd86cd0667088ed2c
5
reference_url https://github.com/moodle/moodle/commit/be092b730910ad97fff0511e177a097ec1cc4b1c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/be092b730910ad97fff0511e177a097ec1cc4b1c
6
reference_url https://github.com/moodle/moodle/commit/cb8aefa658cf7ad8f002a480343afb2dea94cc08
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cb8aefa658cf7ad8f002a480343afb2dea94cc08
7
reference_url https://github.com/moodle/moodle/commit/cfc4393aa689c277a27b9a040ff7dcbdac4e41dd
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cfc4393aa689c277a27b9a040ff7dcbdac4e41dd
8
reference_url https://github.com/moodle/moodle/commit/da1eeea0ff3d292b7669e478abc114872dd9cc8f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/da1eeea0ff3d292b7669e478abc114872dd9cc8f
9
reference_url https://moodle.org/mod/forum/discuss.php?d=376023
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=376023
10
reference_url https://seclists.org/fulldisclosure/2018/Sep/28
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2018/Sep/28
11
reference_url https://web.archive.org/web/20200227111301/https://www.securityfocus.com/bid/105354
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227111301/https://www.securityfocus.com/bid/105354
12
reference_url https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630
13
reference_url http://www.securityfocus.com/bid/105354
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105354
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14630
reference_id CVE-2018-14630
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14630
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.0-beta
purl pkg:composer/moodle/moodle@3.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-duna-st9c-mqbk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k1bh-ymgt-e7cd
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-r6kn-b963-eqge
12
vulnerability VCID-s6uu-335k-yfbc
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-yghg-775s-vber
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta
1
url pkg:composer/moodle/moodle@3.1.14
purl pkg:composer/moodle/moodle@3.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-deur-8zdf-2kh2
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-qhv1-wgpm-7fh6
13
vulnerability VCID-qxsq-ku22-r7gx
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-w9ca-exua-g7ar
17
vulnerability VCID-x7rg-rsb5-pya7
18
vulnerability VCID-y8up-cqtu-jkdw
19
vulnerability VCID-zjrq-np3y-hua5
20
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.14
2
url pkg:composer/moodle/moodle@3.3.8
purl pkg:composer/moodle/moodle@3.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-bjnq-q2nd-1khp
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zjrq-np3y-hua5
13
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.8
3
url pkg:composer/moodle/moodle@3.4.5
purl pkg:composer/moodle/moodle@3.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-bjnq-q2nd-1khp
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w9ca-exua-g7ar
16
vulnerability VCID-x7rg-rsb5-pya7
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zjrq-np3y-hua5
19
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.5
4
url pkg:composer/moodle/moodle@3.5.2
purl pkg:composer/moodle/moodle@3.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-c1a1-z5m1-nfbc
11
vulnerability VCID-deur-8zdf-2kh2
12
vulnerability VCID-dpd2-1sqc-qqfy
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fskk-cb95-uqer
15
vulnerability VCID-gnez-ehgq-rfbr
16
vulnerability VCID-hhzz-hbqz-akfw
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-jcsq-3q5z-4kc6
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgva-z9gg-u3dw
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-mhm4-8kuk-t7b6
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-mqde-66zm-qbbj
25
vulnerability VCID-nntc-dsz1-e3fp
26
vulnerability VCID-paj4-nq1r-jbd3
27
vulnerability VCID-pgfa-bkaw-q7cq
28
vulnerability VCID-qhv1-wgpm-7fh6
29
vulnerability VCID-qxsq-ku22-r7gx
30
vulnerability VCID-r6kn-b963-eqge
31
vulnerability VCID-s6uu-335k-yfbc
32
vulnerability VCID-w2b2-fuky-j3ff
33
vulnerability VCID-w9ca-exua-g7ar
34
vulnerability VCID-x7rg-rsb5-pya7
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.2
aliases CVE-2018-14630, GHSA-c3pr-h96w-2jjg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfp6-4h8n-bkax
26
url VCID-w9ca-exua-g7ar
vulnerability_id VCID-w9ca-exua-g7ar
summary 
Improper Access Control
Teachers in a quiz group could modify group overrides for other groups in the same quiz.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10188
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36022
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10188
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=388569
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388569
4
reference_url http://www.securityfocus.com/bid/109178
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/109178
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10188
reference_id CVE-2019-10188
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10188
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10188, GHSA-92q5-2h76-vgmj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9ca-exua-g7ar
27
url VCID-x7rg-rsb5-pya7
vulnerability_id VCID-x7rg-rsb5-pya7
summary 
Improper Access Control
Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10187
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36022
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10187
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=388568#p1566330
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388568#p1566330
4
reference_url http://www.securityfocus.com/bid/109174
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/109174
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10187
reference_id CVE-2019-10187
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10187
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10187, GHSA-2mg9-hv69-897x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x7rg-rsb5-pya7
28
url VCID-xmm4-zw49-3feh
vulnerability_id VCID-xmm4-zw49-3feh
summary 
Information Exposure
The (1) `core_enrol_get_course_enrolment_methods` and (2) `enrol_self_get_instance_info` web services in Moodle do not consider the `moodle/course:viewhiddencourses` capability, which allows remote authenticated users to obtain sensitive information via a web-service request.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52072
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52072
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176502.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176502.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176436.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176436.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0724
reference_id
reference_type
scores
0
value 0.00578
scoring_system epss
scoring_elements 0.69204
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0724
4
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
5
reference_url https://github.com/moodle/moodle/commit/4323a973d57a41e19e039a850ad71ebcabae73c1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4323a973d57a41e19e039a850ad71ebcabae73c1
6
reference_url https://moodle.org/mod/forum/discuss.php?d=326205
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=326205
7
reference_url https://web.archive.org/web/20210622172957/http://www.securitytracker.com/id/1034694
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210622172957/http://www.securitytracker.com/id/1034694
8
reference_url http://www.openwall.com/lists/oss-security/2016/01/18/1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/01/18/1
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0724
reference_id CVE-2016-0724
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0724
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.0-beta
purl pkg:composer/moodle/moodle@2.7.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-r6kn-b963-eqge
18
vulnerability VCID-s6uu-335k-yfbc
19
vulnerability VCID-vb67-yux5-ayhf
20
vulnerability VCID-vfp6-4h8n-bkax
21
vulnerability VCID-w9ca-exua-g7ar
22
vulnerability VCID-x7rg-rsb5-pya7
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-yghg-775s-vber
25
vulnerability VCID-zjrq-np3y-hua5
26
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta
1
url pkg:composer/moodle/moodle@2.7.12
purl pkg:composer/moodle/moodle@2.7.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-y8up-cqtu-jkdw
35
vulnerability VCID-yghg-775s-vber
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.12
2
url pkg:composer/moodle/moodle@2.8.10
purl pkg:composer/moodle/moodle@2.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-an53-nu91-k3d7
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eaqp-7abt-6kg9
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fsex-f512-pudv
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-w9ca-exua-g7ar
29
vulnerability VCID-x7rg-rsb5-pya7
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.10
3
url pkg:composer/moodle/moodle@2.9.4
purl pkg:composer/moodle/moodle@2.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-an53-nu91-k3d7
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eaqp-7abt-6kg9
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fsex-f512-pudv
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-w9ca-exua-g7ar
29
vulnerability VCID-x7rg-rsb5-pya7
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.4
4
url pkg:composer/moodle/moodle@3.0.2
purl pkg:composer/moodle/moodle@3.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-an53-nu91-k3d7
11
vulnerability VCID-bjnq-q2nd-1khp
12
vulnerability VCID-dhku-uah4-ykh8
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eaqp-7abt-6kg9
15
vulnerability VCID-eu27-a3px-87ed
16
vulnerability VCID-fsex-f512-pudv
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k1bh-ymgt-e7cd
19
vulnerability VCID-k6pw-51st-b3d2
20
vulnerability VCID-k73h-z6j8-gkgz
21
vulnerability VCID-kgvw-uxf4-wbc1
22
vulnerability VCID-m3np-aebb-8qaa
23
vulnerability VCID-m4zv-e3dn-budf
24
vulnerability VCID-mkfz-e1ft-2bcw
25
vulnerability VCID-nntc-dsz1-e3fp
26
vulnerability VCID-qhv1-wgpm-7fh6
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s3ue-e5h8-f3dy
29
vulnerability VCID-s6uu-335k-yfbc
30
vulnerability VCID-vb67-yux5-ayhf
31
vulnerability VCID-vfp6-4h8n-bkax
32
vulnerability VCID-vtq4-fpr8-hudb
33
vulnerability VCID-w9ca-exua-g7ar
34
vulnerability VCID-x7rg-rsb5-pya7
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zgzm-wj81-jkah
38
vulnerability VCID-zjrq-np3y-hua5
39
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.2
aliases CVE-2016-0724, GHSA-hjrj-7wcj-7j3c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xmm4-zw49-3feh
29
url VCID-y8up-cqtu-jkdw
vulnerability_id VCID-y8up-cqtu-jkdw
summary 
Cross-site Scripting
Persistent XSS in `/course/modedit.php` of Moodle allows authenticated users (Teacher) to inject JavaScript into the session of another user (e.g., enrolled student or site administrator) via the `introeditor[text]` parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18210
reference_id
reference_type
scores
0
value 0.0044
scoring_system epss
scoring_elements 0.63483
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18210
1
reference_url https://docs.moodle.org/38/en/Teacher_role
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.moodle.org/38/en/Teacher_role
2
reference_url https://gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18210
reference_id CVE-2019-18210
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18210
fixed_packages
0
url pkg:composer/moodle/moodle@3.7.3
purl pkg:composer/moodle/moodle@3.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-c14d-1sa2-rkf6
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-fskk-cb95-uqer
8
vulnerability VCID-hhzz-hbqz-akfw
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-jcsq-3q5z-4kc6
11
vulnerability VCID-kgva-z9gg-u3dw
12
vulnerability VCID-paj4-nq1r-jbd3
13
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.3
aliases CVE-2019-18210, GHSA-q6vw-27c6-jv9c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8up-cqtu-jkdw
30
url VCID-yghg-775s-vber
vulnerability_id VCID-yghg-775s-vber
summary 
Server-Side Request Forgery (SSRF)
Moodle has Server Side Request Forgery in the `filepicker`.
references
0
reference_url http://packetstormsecurity.com/files/153766/Moodle-Filepicker-3.5.2-Server-Side-Request-Forgery.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/153766/Moodle-Filepicker-3.5.2-Server-Side-Request-Forgery.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1042
reference_id
reference_type
scores
0
value 0.12866
scoring_system epss
scoring_elements 0.94175
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1042
2
reference_url https://github.com/moodle/moodle/commit/f1d1a60e0ac8549c08e66062f3cd0110e4a92e24
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/f1d1a60e0ac8549c08e66062f3cd0110e4a92e24
3
reference_url https://moodle.org/mod/forum/discuss.php?d=364381
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=364381
4
reference_url https://web.archive.org/web/20210124134113/http://www.securityfocus.com/bid/102752
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124134113/http://www.securityfocus.com/bid/102752
5
reference_url http://www.securityfocus.com/bid/102752
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102752
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47177.txt
reference_id CVE-2018-1042
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47177.txt
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1042
reference_id CVE-2018-1042
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1042
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.10
purl pkg:composer/moodle/moodle@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-p2gd-7uam-mqf8
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qxsq-ku22-r7gx
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10
1
url pkg:composer/moodle/moodle@3.2.7
purl pkg:composer/moodle/moodle@3.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-m4zv-e3dn-budf
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-p2gd-7uam-mqf8
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7
2
url pkg:composer/moodle/moodle@3.3.4
purl pkg:composer/moodle/moodle@3.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-fygy-9njn-abgd
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-mmg3-7fz9-5uak
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-x9vd-njdz-jua9
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4
3
url pkg:composer/moodle/moodle@3.4.1
purl pkg:composer/moodle/moodle@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-fygy-9njn-abgd
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-mmg3-7fz9-5uak
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-qxsq-ku22-r7gx
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s6uu-335k-yfbc
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x9vd-njdz-jua9
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1
aliases CVE-2018-1042, GHSA-qqjv-mc2v-p7mc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yghg-775s-vber
31
url VCID-zjrq-np3y-hua5
vulnerability_id VCID-zjrq-np3y-hua5
summary 
Information Exposure
Permissions were not correctly checked before loading event information into the calendar's edit event modal popup, so logged in non-guest users could view unauthorised calendar events.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3848
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.32374
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3848
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3848
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3848
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=384011#p1547743
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384011#p1547743
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3848
reference_id CVE-2019-3848
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3848
fixed_packages
0
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
1
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
2
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3848, GHSA-45rw-4r25-jvg7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zjrq-np3y-hua5
32
url VCID-zwkk-zazw-6fgg
vulnerability_id VCID-zwkk-zazw-6fgg
summary 
Improper Validation of Integrity Check Value
It was found in Moodle that a insufficient capability checks in some grade related web services meant students were able to view other students grades.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20184
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.34896
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20184
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417167
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417167
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20184
reference_id CVE-2021-20184
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20184
fixed_packages
0
url pkg:composer/moodle/moodle@3.8.7
purl pkg:composer/moodle/moodle@3.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7
1
url pkg:composer/moodle/moodle@3.9.4
purl pkg:composer/moodle/moodle@3.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4
2
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
aliases CVE-2021-20184, GHSA-mm73-86f9-5x5c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwkk-zazw-6fgg
Fixing_vulnerabilities
0
url VCID-1whm-dsv7-t7gm
vulnerability_id VCID-1whm-dsv7-t7gm
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in the quiz_question_tostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43690
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43690
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2571
reference_id
reference_type
scores
0
value 0.00209
scoring_system epss
scoring_elements 0.43285
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2571
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/217d839ded7026ed1b1280e1c296bc80a4036023
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/217d839ded7026ed1b1280e1c296bc80a4036023
5
reference_url https://github.com/moodle/moodle/commit/5da73345fdd46cef912b229b2cfae2a26e36efd8
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/5da73345fdd46cef912b229b2cfae2a26e36efd8
6
reference_url https://github.com/moodle/moodle/commit/7051f3a8828665f4fab37c8db91322fec85a64db
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/7051f3a8828665f4fab37c8db91322fec85a64db
7
reference_url https://github.com/moodle/moodle/commit/fd4b7f57399bed85db0d4066ba12c2633ce87ba3
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/fd4b7f57399bed85db0d4066ba12c2633ce87ba3
8
reference_url https://moodle.org/mod/forum/discuss.php?d=256416
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256416
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2571
reference_id CVE-2014-2571
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2571
10
reference_url https://github.com/advisories/GHSA-75c6-xqwr-v2r9
reference_id GHSA-75c6-xqwr-v2r9
reference_type
scores
url https://github.com/advisories/GHSA-75c6-xqwr-v2r9
fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
aliases CVE-2014-2571, GHSA-75c6-xqwr-v2r9
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1whm-dsv7-t7gm
1
url VCID-4xqt-yugc-qufr
vulnerability_id VCID-4xqt-yugc-qufr
summary 
Moodle's time-validation implementation allows bypassing intended restrictions
The time-validation implementation in (1) mod/feedback/complete.php and (2) mod/feedback/complete_guest.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to bypass intended restrictions on starting a Feedback activity by choosing an unavailable time.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43656
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43656
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0127
reference_id
reference_type
scores
0
value 0.00171
scoring_system epss
scoring_elements 0.38101
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0127
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/1298acc7075614d8f24befe7e50edbd695498d66
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/1298acc7075614d8f24befe7e50edbd695498d66
5
reference_url https://github.com/moodle/moodle/commit/71037bf26c1e66c628f952b777a9b068775f7b24
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/71037bf26c1e66c628f952b777a9b068775f7b24
6
reference_url https://github.com/moodle/moodle/commit/7b839b0ec1d3d7fdfe7f76066c49829936a2390e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/7b839b0ec1d3d7fdfe7f76066c49829936a2390e
7
reference_url https://github.com/moodle/moodle/commit/aea324963dfee857315d147bf0c17659bb43991e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/aea324963dfee857315d147bf0c17659bb43991e
8
reference_url https://moodle.org/mod/forum/discuss.php?d=256417
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256417
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0127
reference_id CVE-2014-0127
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0127
10
reference_url https://github.com/advisories/GHSA-6p3g-hw27-qh44
reference_id GHSA-6p3g-hw27-qh44
reference_type
scores
url https://github.com/advisories/GHSA-6p3g-hw27-qh44
fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
aliases CVE-2014-0127, GHSA-6p3g-hw27-qh44
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4xqt-yugc-qufr
2
url VCID-5ru2-1n1f-afa4
vulnerability_id VCID-5ru2-1n1f-afa4
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by (1) providing a crafted playerId or (2) referencing an external domain, a related issue to CVE-2013-7342.
references
0
reference_url http://flash.flowplayer.org/documentation/version-history.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://flash.flowplayer.org/documentation/version-history.html
1
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43344
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43344
2
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7341
reference_id
reference_type
scores
0
value 0.00258
scoring_system epss
scoring_elements 0.49439
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7341
4
reference_url https://github.com/flowplayer/flash/issues/121
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/flowplayer/flash/issues/121
5
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
6
reference_url https://github.com/moodle/moodle/commit/98d135fea3006334093efa822205d4b2c3fd8ff9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/98d135fea3006334093efa822205d4b2c3fd8ff9
7
reference_url https://github.com/moodle/moodle/commit/9f2967e301d123d11625f3b6948e1ee538086791
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/9f2967e301d123d11625f3b6948e1ee538086791
8
reference_url https://github.com/moodle/moodle/commit/c3cd5e1db9de4f1a634492d99990534e30518066
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/c3cd5e1db9de4f1a634492d99990534e30518066
9
reference_url https://github.com/moodle/moodle/commit/d65634044ebaa738f55bdec521beb42844d6916a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/d65634044ebaa738f55bdec521beb42844d6916a
10
reference_url https://moodle.org/mod/forum/discuss.php?d=256420
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256420
11
reference_url https://typo3.org/security/advisory/typo3-core-sa-2015-007
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2015-007
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-7341
reference_id CVE-2013-7341
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-7341
13
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2013-7341.yaml
reference_id CVE-2013-7341.YAML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2013-7341.yaml
14
reference_url https://github.com/advisories/GHSA-j6c3-3c4w-qv8p
reference_id GHSA-j6c3-3c4w-qv8p
reference_type
scores
url https://github.com/advisories/GHSA-j6c3-3c4w-qv8p
fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
aliases CVE-2013-7341, GHSA-j6c3-3c4w-qv8p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ru2-1n1f-afa4
3
url VCID-6v43-drd7-ufd7
vulnerability_id VCID-6v43-drd7-ufd7
summary 
Moodle allows bypass of intended access restrictions
mod/chat/chat_ajax.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly check for the mod/chat:chat capability during chat sessions, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by remaining in a chat session after an intra-session capability removal by an administrator.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0122
reference_id
reference_type
scores
0
value 0.00171
scoring_system epss
scoring_elements 0.38101
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0122
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/3d7810ab3d67a423a760ba89ae75de81d940b236
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3d7810ab3d67a423a760ba89ae75de81d940b236
5
reference_url https://github.com/moodle/moodle/commit/4d4867503c2467cb04660d9cb314d22f56004054
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4d4867503c2467cb04660d9cb314d22f56004054
6
reference_url https://github.com/moodle/moodle/commit/5c45ea0c6bf2fdf4dddfaef9fc5ff12e6b426a3f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/5c45ea0c6bf2fdf4dddfaef9fc5ff12e6b426a3f
7
reference_url https://github.com/moodle/moodle/commit/7748e17207b1a28118d9dc622878da22f956d3fe
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/7748e17207b1a28118d9dc622878da22f956d3fe
8
reference_url https://moodle.org/mod/forum/discuss.php?d=256418
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256418
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0122
reference_id CVE-2014-0122
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0122
10
reference_url https://github.com/advisories/GHSA-f9m9-494r-w36p
reference_id GHSA-f9m9-494r-w36p
reference_type
scores
url https://github.com/advisories/GHSA-f9m9-494r-w36p
fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
aliases CVE-2014-0122, GHSA-f9m9-494r-w36p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6v43-drd7-ufd7
4
url VCID-88pw-zwqn-cqfd
vulnerability_id VCID-88pw-zwqn-cqfd
summary 
Moodle places a session key in a URL
repository/alfresco/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 places a session key in a URL, which allows remote attackers to bypass intended Alfresco Repository file restrictions by impersonating a file's owner.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0125
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.421
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0125
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/4bc5dd32178cbaa62c466f74bf6d0ebafb697818
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4bc5dd32178cbaa62c466f74bf6d0ebafb697818
5
reference_url https://github.com/moodle/moodle/commit/a71a6de914bec01df4268d0547c7a52917c4192f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a71a6de914bec01df4268d0547c7a52917c4192f
6
reference_url https://github.com/moodle/moodle/commit/ee8f17db890d7fa1bfc2cfd49ff8d21b41d29331
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ee8f17db890d7fa1bfc2cfd49ff8d21b41d29331
7
reference_url https://github.com/moodle/moodle/commit/f4f0aa27d43527c15070d00bc96be879876ccc38
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/f4f0aa27d43527c15070d00bc96be879876ccc38
8
reference_url https://moodle.org/mod/forum/discuss.php?d=256422
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256422
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0125
reference_id CVE-2014-0125
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0125
10
reference_url https://github.com/advisories/GHSA-j465-7mp6-3xg3
reference_id GHSA-j465-7mp6-3xg3
reference_type
scores
url https://github.com/advisories/GHSA-j465-7mp6-3xg3
fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
aliases CVE-2014-0125, GHSA-j465-7mp6-3xg3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-88pw-zwqn-cqfd
5
url VCID-cvqm-kjhx-q7ej
vulnerability_id VCID-cvqm-kjhx-q7ej
summary 
Cross-Site Request Forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in enrol/imsenterprise/importnow.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to hijack the authentication of administrators for requests that import an IMS Enterprise file.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0126
reference_id
reference_type
scores
0
value 0.00126
scoring_system epss
scoring_elements 0.31397
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0126
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/41a19bffeef0ee6b0560a5ff808fd4bd35075fa1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/41a19bffeef0ee6b0560a5ff808fd4bd35075fa1
5
reference_url https://github.com/moodle/moodle/commit/caf766507771e07c1752ece1f37a32b2b4f6d8b9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/caf766507771e07c1752ece1f37a32b2b4f6d8b9
6
reference_url https://github.com/moodle/moodle/commit/ea8647b39ec9cf1d73e04b05559bd12d97aa5229
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ea8647b39ec9cf1d73e04b05559bd12d97aa5229
7
reference_url https://github.com/moodle/moodle/commit/eee61675f042a9ec89f8f6d219b4ded010198fe4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/eee61675f042a9ec89f8f6d219b4ded010198fe4
8
reference_url https://moodle.org/mod/forum/discuss.php?d=256423
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256423
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0126
reference_id CVE-2014-0126
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0126
10
reference_url https://github.com/advisories/GHSA-4wvg-7886-83gv
reference_id GHSA-4wvg-7886-83gv
reference_type
scores
url https://github.com/advisories/GHSA-4wvg-7886-83gv
fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
aliases CVE-2014-0126, GHSA-4wvg-7886-83gv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cvqm-kjhx-q7ej
6
url VCID-gdz8-d8j3-nqdh
vulnerability_id VCID-gdz8-d8j3-nqdh
summary 
Moodle allows attackers to obtain sensitive information
The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/override_form.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain sensitive information by using the (1) Forum or (2) Quiz module.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0124
reference_id
reference_type
scores
0
value 0.00199
scoring_system epss
scoring_elements 0.41837
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0124
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/2978623cda4521773fe2d45e04bee76601de487f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/2978623cda4521773fe2d45e04bee76601de487f
5
reference_url https://github.com/moodle/moodle/commit/ae0ec61180ec71cb5b158633b0a3523a7ca41a82
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ae0ec61180ec71cb5b158633b0a3523a7ca41a82
6
reference_url https://github.com/moodle/moodle/commit/db4e2c4cd47d48ebf06424d942bf603a8fa94d97
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/db4e2c4cd47d48ebf06424d942bf603a8fa94d97
7
reference_url https://github.com/moodle/moodle/commit/dc8f55c30211efd6fac80386e5b3bffef31cca13
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/dc8f55c30211efd6fac80386e5b3bffef31cca13
8
reference_url https://moodle.org/mod/forum/discuss.php?d=256421
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256421
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0124
reference_id CVE-2014-0124
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0124
10
reference_url https://github.com/advisories/GHSA-fc5p-vj3h-x7g4
reference_id GHSA-fc5p-vj3h-x7g4
reference_type
scores
url https://github.com/advisories/GHSA-fc5p-vj3h-x7g4
fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
aliases CVE-2014-0124, GHSA-fc5p-vj3h-x7g4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gdz8-d8j3-nqdh
7
url VCID-q3wv-9hj6-vbgt
vulnerability_id VCID-q3wv-9hj6-vbgt
summary 
Moodle does not properly restrict access
The wiki subsystem in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly restrict (1) view and (2) edit access, which allows remote authenticated users to perform wiki operations by leveraging the student role and using the Recent Activity block to reach the individual wiki of an arbitrary student.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-39990
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-39990
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0123
reference_id
reference_type
scores
0
value 0.00193
scoring_system epss
scoring_elements 0.41039
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0123
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/3a7b9b76c2d3c58237bec56b3b537e05c23970ad
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3a7b9b76c2d3c58237bec56b3b537e05c23970ad
5
reference_url https://github.com/moodle/moodle/commit/d9596365e59ac53787105ff326f7f2bab5b9bada
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/d9596365e59ac53787105ff326f7f2bab5b9bada
6
reference_url https://github.com/moodle/moodle/commit/e6499fb8a4463b1130babb09c42f3d5559276d17
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/e6499fb8a4463b1130babb09c42f3d5559276d17
7
reference_url https://github.com/moodle/moodle/commit/fa0777902633b54ca5566dd8af304ce5587051e5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/fa0777902633b54ca5566dd8af304ce5587051e5
8
reference_url https://moodle.org/mod/forum/discuss.php?d=256419
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256419
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0123
reference_id CVE-2014-0123
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0123
10
reference_url https://github.com/advisories/GHSA-2vhr-4mhq-m35c
reference_id GHSA-2vhr-4mhq-m35c
reference_type
scores
url https://github.com/advisories/GHSA-2vhr-4mhq-m35c
fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
aliases CVE-2014-0123, GHSA-2vhr-4mhq-m35c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q3wv-9hj6-vbgt
8
url VCID-vrfy-36yc-muhr
vulnerability_id VCID-vrfy-36yc-muhr
summary 
Moodle allows attackers to modify the visibility of a badge
badges/mybadges.php in Moodle 2.5.x before 2.5.5 and 2.6.x before 2.6.2 does not properly track the user to whom a badge was issued, which allows remote authenticated users to modify the visibility of an arbitrary badge via unspecified vectors.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44140
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44140
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0129
reference_id
reference_type
scores
0
value 0.00193
scoring_system epss
scoring_elements 0.41039
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0129
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/100ec861820ce763d4f25a9f98649bb1ae17e7a5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/100ec861820ce763d4f25a9f98649bb1ae17e7a5
5
reference_url https://github.com/moodle/moodle/commit/28c8ac2c4a8d831f0efd653fa499a5d2384e6e88
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/28c8ac2c4a8d831f0efd653fa499a5d2384e6e88
6
reference_url https://github.com/moodle/moodle/commit/c5d7d20f40a71e23d951c7272675a19fef170fbe
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/c5d7d20f40a71e23d951c7272675a19fef170fbe
7
reference_url https://moodle.org/mod/forum/discuss.php?d=256424
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256424
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0129
reference_id CVE-2014-0129
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0129
9
reference_url https://github.com/advisories/GHSA-5rr5-fxhc-jv64
reference_id GHSA-5rr5-fxhc-jv64
reference_type
scores
url https://github.com/advisories/GHSA-5rr5-fxhc-jv64
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
1
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
aliases CVE-2014-0129, GHSA-5rr5-fxhc-jv64
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vrfy-36yc-muhr
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5