Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/moodle/moodle@2.7.3
Typecomposer
Namespacemoodle
Namemoodle
Version2.7.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.5.18
Latest_non_vulnerable_version5.1.2
Affected_by_vulnerabilities
0
url VCID-2dxb-v1af-jbax
vulnerability_id VCID-2dxb-v1af-jbax
summary 
Cross-Site Request Forgery (CSRF)
A CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7491
reference_id
reference_type
scores
0
value 0.00122
scoring_system epss
scoring_elements 0.30767
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7491
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=352355
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=352355
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7491
reference_id CVE-2017-7491
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7491
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.19
purl pkg:composer/moodle/moodle@2.7.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-m4zv-e3dn-budf
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-nntc-dsz1-e3fp
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-vfp6-4h8n-bkax
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.19
1
url pkg:composer/moodle/moodle@2.7.20
purl pkg:composer/moodle/moodle@2.7.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-m4zv-e3dn-budf
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-nntc-dsz1-e3fp
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-vfp6-4h8n-bkax
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.20
2
url pkg:composer/moodle/moodle@3.0.9
purl pkg:composer/moodle/moodle@3.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zgzm-wj81-jkah
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.9
3
url pkg:composer/moodle/moodle@3.0.10
purl pkg:composer/moodle/moodle@3.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zgzm-wj81-jkah
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.10
4
url pkg:composer/moodle/moodle@3.1.5
purl pkg:composer/moodle/moodle@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.5
5
url pkg:composer/moodle/moodle@3.1.6
purl pkg:composer/moodle/moodle@3.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.6
6
url pkg:composer/moodle/moodle@3.2.3
purl pkg:composer/moodle/moodle@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-duna-st9c-mqbk
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-fegs-ubsk-63hu
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nc2j-pay7-ryab
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-q2fa-jymp-c3bb
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-yghg-775s-vber
24
vulnerability VCID-yp82-zj5g-pbaf
25
vulnerability VCID-zgzm-wj81-jkah
26
vulnerability VCID-zjrq-np3y-hua5
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.3
aliases CVE-2017-7491, GHSA-3hmr-948v-5qgq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2dxb-v1af-jbax
1
url VCID-2s6b-tp6p-gue1
vulnerability_id VCID-2s6b-tp6p-gue1
summary 
Cross-Site Request Forgery (CSRF)
A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10186
reference_id
reference_type
scores
0
value 0.00371
scoring_system epss
scoring_elements 0.59199
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10186
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b
4
reference_url https://moodle.org/mod/forum/discuss.php?d=388567#p1566329
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388567#p1566329
5
reference_url https://web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10186
reference_id CVE-2019-10186
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10186
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10186, GHSA-wv9c-pfpm-4wc5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2s6b-tp6p-gue1
2
url VCID-37pj-u3gh-n7fd
vulnerability_id VCID-37pj-u3gh-n7fd
summary 
Insertion of Sensitive Information into Log File
Moodle does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52651
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52651
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2190
reference_id
reference_type
scores
0
value 0.00437
scoring_system epss
scoring_elements 0.63393
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2190
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/1688564a6eee6000013f6e185f704049283ae375
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/1688564a6eee6000013f6e185f704049283ae375
4
reference_url https://github.com/moodle/moodle/commit/190757854d9ce3b3ce3100dc76de54277f3bdd14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/190757854d9ce3b3ce3100dc76de54277f3bdd14
5
reference_url https://github.com/moodle/moodle/commit/314d105c169c67e3ce750f76b21d99983d4a9ff5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/314d105c169c67e3ce750f76b21d99983d4a9ff5
6
reference_url https://github.com/moodle/moodle/commit/4d6f159f681882496e05ddacf2561929d2d23f0e
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4d6f159f681882496e05ddacf2561929d2d23f0e
7
reference_url https://github.com/moodle/moodle/commit/9f91c23536a31ba2dc91b0ba2ae726b1757a20cb
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/9f91c23536a31ba2dc91b0ba2ae726b1757a20cb
8
reference_url https://moodle.org/mod/forum/discuss.php?d=330181
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=330181
9
reference_url https://web.archive.org/web/20210801130148/http://www.securitytracker.com/id/1035333
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210801130148/http://www.securitytracker.com/id/1035333
10
reference_url http://www.openwall.com/lists/oss-security/2016/03/21/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/21/1
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2190
reference_id CVE-2016-2190
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2190
12
reference_url https://github.com/advisories/GHSA-r9pc-g29w-f86j
reference_id GHSA-r9pc-g29w-f86j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r9pc-g29w-f86j
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.13
purl pkg:composer/moodle/moodle@2.7.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fsex-f512-pudv
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-k1bh-ymgt-e7cd
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-vtq4-fpr8-hudb
29
vulnerability VCID-w9ca-exua-g7ar
30
vulnerability VCID-x7rg-rsb5-pya7
31
vulnerability VCID-y8up-cqtu-jkdw
32
vulnerability VCID-yghg-775s-vber
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13
1
url pkg:composer/moodle/moodle@2.8.11
purl pkg:composer/moodle/moodle@2.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11
2
url pkg:composer/moodle/moodle@2.9.5
purl pkg:composer/moodle/moodle@2.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5
3
url pkg:composer/moodle/moodle@3.0.3
purl pkg:composer/moodle/moodle@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fsex-f512-pudv
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k1bh-ymgt-e7cd
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-kgvw-uxf4-wbc1
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s3ue-e5h8-f3dy
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vb67-yux5-ayhf
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-vtq4-fpr8-hudb
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-zgzm-wj81-jkah
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3
aliases CVE-2016-2190, GHSA-r9pc-g29w-f86j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-37pj-u3gh-n7fd
3
url VCID-4kq5-ctsv-eka8
vulnerability_id VCID-4kq5-ctsv-eka8
summary 
Improper Access Control
The "restore teacher" feature in Moodle allows remote authenticated users to overwrite the course id number.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51369
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51369
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3733
reference_id
reference_type
scores
0
value 0.00442
scoring_system epss
scoring_elements 0.6359
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3733
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335933
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1335933
3
reference_url https://github.com/moodle/moodle/commit/12c28574868d6f6e5c57fb63298c82cb8bdd0bb6
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/12c28574868d6f6e5c57fb63298c82cb8bdd0bb6
4
reference_url https://github.com/moodle/moodle/commit/24b0c3c86ae96e46b87d6e9d6bcf4a6014dae8f0
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/24b0c3c86ae96e46b87d6e9d6bcf4a6014dae8f0
5
reference_url https://github.com/moodle/moodle/commit/2950f9fb9128f9ae48e00b864da90be76c2bf139
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/2950f9fb9128f9ae48e00b864da90be76c2bf139
6
reference_url https://github.com/moodle/moodle/commit/3c9d2b104023a8b9fdc5f4d7e136083babd2609a
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3c9d2b104023a8b9fdc5f4d7e136083babd2609a
7
reference_url http://www.openwall.com/lists/oss-security/2016/05/17/4
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/05/17/4
8
reference_url http://www.securitytracker.com/id/1035902
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1035902
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3733
reference_id CVE-2016-3733
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3733
10
reference_url https://github.com/advisories/GHSA-gr8j-qm8r-rfgg
reference_id GHSA-gr8j-qm8r-rfgg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gr8j-qm8r-rfgg
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.14
purl pkg:composer/moodle/moodle@2.7.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-dhku-uah4-ykh8
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s6uu-335k-yfbc
22
vulnerability VCID-vb67-yux5-ayhf
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-vtq4-fpr8-hudb
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.14
1
url pkg:composer/moodle/moodle@2.8.12
purl pkg:composer/moodle/moodle@2.8.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-qtt4-455b-abb6
18
vulnerability VCID-r6kn-b963-eqge
19
vulnerability VCID-s6uu-335k-yfbc
20
vulnerability VCID-v54t-5thx-1beu
21
vulnerability VCID-vb67-yux5-ayhf
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-w9ca-exua-g7ar
24
vulnerability VCID-x7rg-rsb5-pya7
25
vulnerability VCID-y8up-cqtu-jkdw
26
vulnerability VCID-yghg-775s-vber
27
vulnerability VCID-zjrq-np3y-hua5
28
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.12
2
url pkg:composer/moodle/moodle@2.9.6
purl pkg:composer/moodle/moodle@2.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-qtt4-455b-abb6
18
vulnerability VCID-r6kn-b963-eqge
19
vulnerability VCID-s6uu-335k-yfbc
20
vulnerability VCID-vb67-yux5-ayhf
21
vulnerability VCID-vfp6-4h8n-bkax
22
vulnerability VCID-w9ca-exua-g7ar
23
vulnerability VCID-x7rg-rsb5-pya7
24
vulnerability VCID-y8up-cqtu-jkdw
25
vulnerability VCID-yghg-775s-vber
26
vulnerability VCID-zjrq-np3y-hua5
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.6
3
url pkg:composer/moodle/moodle@3.0.4
purl pkg:composer/moodle/moodle@3.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-dhku-uah4-ykh8
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fsex-f512-pudv
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qtt4-455b-abb6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-vtq4-fpr8-hudb
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zgzm-wj81-jkah
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.4
aliases CVE-2016-3733, GHSA-gr8j-qm8r-rfgg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4kq5-ctsv-eka8
4
url VCID-5rbf-4dz3-2qdz
vulnerability_id VCID-5rbf-4dz3-2qdz
summary 
Improper Privilege Management
Remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7489
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.54962
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7489
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=352353
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=352353
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7489
reference_id CVE-2017-7489
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7489
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.19
purl pkg:composer/moodle/moodle@2.7.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-m4zv-e3dn-budf
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-nntc-dsz1-e3fp
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-vfp6-4h8n-bkax
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.19
1
url pkg:composer/moodle/moodle@2.7.20
purl pkg:composer/moodle/moodle@2.7.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-m4zv-e3dn-budf
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-nntc-dsz1-e3fp
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-vfp6-4h8n-bkax
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.20
2
url pkg:composer/moodle/moodle@3.0.9
purl pkg:composer/moodle/moodle@3.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zgzm-wj81-jkah
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.9
3
url pkg:composer/moodle/moodle@3.0.10
purl pkg:composer/moodle/moodle@3.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zgzm-wj81-jkah
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.10
4
url pkg:composer/moodle/moodle@3.1.5
purl pkg:composer/moodle/moodle@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.5
5
url pkg:composer/moodle/moodle@3.1.6
purl pkg:composer/moodle/moodle@3.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.6
6
url pkg:composer/moodle/moodle@3.2.3
purl pkg:composer/moodle/moodle@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-duna-st9c-mqbk
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-fegs-ubsk-63hu
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nc2j-pay7-ryab
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-q2fa-jymp-c3bb
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-yghg-775s-vber
24
vulnerability VCID-yp82-zj5g-pbaf
25
vulnerability VCID-zgzm-wj81-jkah
26
vulnerability VCID-zjrq-np3y-hua5
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.3
aliases CVE-2017-7489, GHSA-m34m-fgh4-v7cx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5rbf-4dz3-2qdz
5
url VCID-65y9-9ur2-pugc
vulnerability_id VCID-65y9-9ur2-pugc
summary 
Improper Input Validation
There is incorrect sanitization of attributes in forums.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2576
reference_id
reference_type
scores
0
value 0.00289
scoring_system epss
scoring_elements 0.5258
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2576
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=345912
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=345912
3
reference_url http://www.securityfocus.com/bid/95649
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/95649
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2576
reference_id CVE-2017-2576
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2576
5
reference_url https://github.com/advisories/GHSA-cjrf-xg77-chpw
reference_id GHSA-cjrf-xg77-chpw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cjrf-xg77-chpw
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.18
purl pkg:composer/moodle/moodle@2.7.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-dhku-uah4-ykh8
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-jcq6-btgz-fkf6
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-r6kn-b963-eqge
18
vulnerability VCID-s6uu-335k-yfbc
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-vtq4-fpr8-hudb
21
vulnerability VCID-w9ca-exua-g7ar
22
vulnerability VCID-x7rg-rsb5-pya7
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-yghg-775s-vber
25
vulnerability VCID-zjrq-np3y-hua5
26
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.18
1
url pkg:composer/moodle/moodle@2.9.0-beta
purl pkg:composer/moodle/moodle@2.9.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k1bh-ymgt-e7cd
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta
2
url pkg:composer/moodle/moodle@3.0.0-beta
purl pkg:composer/moodle/moodle@3.0.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k1bh-ymgt-e7cd
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.0-beta
3
url pkg:composer/moodle/moodle@3.0.8
purl pkg:composer/moodle/moodle@3.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-9nd7-4wve-97hc
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-dhku-uah4-ykh8
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k73h-z6j8-gkgz
13
vulnerability VCID-m3np-aebb-8qaa
14
vulnerability VCID-m4zv-e3dn-budf
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-qhv1-wgpm-7fh6
18
vulnerability VCID-r6kn-b963-eqge
19
vulnerability VCID-s6uu-335k-yfbc
20
vulnerability VCID-vfp6-4h8n-bkax
21
vulnerability VCID-vtq4-fpr8-hudb
22
vulnerability VCID-w9ca-exua-g7ar
23
vulnerability VCID-x7rg-rsb5-pya7
24
vulnerability VCID-y8up-cqtu-jkdw
25
vulnerability VCID-yghg-775s-vber
26
vulnerability VCID-zgzm-wj81-jkah
27
vulnerability VCID-zjrq-np3y-hua5
28
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.8
4
url pkg:composer/moodle/moodle@3.1.4
purl pkg:composer/moodle/moodle@3.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-336n-hpzg-euhd
3
vulnerability VCID-4rz2-b4e3-87g5
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8mgr-gdzj-4ybs
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-9t4u-n1pn-w3bd
9
vulnerability VCID-a6pb-47tu-afcg
10
vulnerability VCID-ajkr-fxa1-mkhk
11
vulnerability VCID-b7br-bh2d-rygp
12
vulnerability VCID-bjnq-q2nd-1khp
13
vulnerability VCID-ckg1-9vpt-yfdk
14
vulnerability VCID-deur-8zdf-2kh2
15
vulnerability VCID-dhku-uah4-ykh8
16
vulnerability VCID-duna-st9c-mqbk
17
vulnerability VCID-eu27-a3px-87ed
18
vulnerability VCID-fegs-ubsk-63hu
19
vulnerability VCID-g8ct-c4ce-zuaf
20
vulnerability VCID-jcq6-btgz-fkf6
21
vulnerability VCID-jn5n-6hg9-tyf7
22
vulnerability VCID-k73h-z6j8-gkgz
23
vulnerability VCID-m3np-aebb-8qaa
24
vulnerability VCID-m4zv-e3dn-budf
25
vulnerability VCID-mkfz-e1ft-2bcw
26
vulnerability VCID-nntc-dsz1-e3fp
27
vulnerability VCID-p2gd-7uam-mqf8
28
vulnerability VCID-q2fa-jymp-c3bb
29
vulnerability VCID-qhv1-wgpm-7fh6
30
vulnerability VCID-qxsq-ku22-r7gx
31
vulnerability VCID-r6kn-b963-eqge
32
vulnerability VCID-s6uu-335k-yfbc
33
vulnerability VCID-vfp6-4h8n-bkax
34
vulnerability VCID-vtq4-fpr8-hudb
35
vulnerability VCID-w9ca-exua-g7ar
36
vulnerability VCID-x7rg-rsb5-pya7
37
vulnerability VCID-x927-nh46-7fdy
38
vulnerability VCID-y8up-cqtu-jkdw
39
vulnerability VCID-yghg-775s-vber
40
vulnerability VCID-yp82-zj5g-pbaf
41
vulnerability VCID-zgzm-wj81-jkah
42
vulnerability VCID-zjrq-np3y-hua5
43
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.4
5
url pkg:composer/moodle/moodle@3.2.1
purl pkg:composer/moodle/moodle@3.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2qjr-wjh1-8fh6
2
vulnerability VCID-2s6b-tp6p-gue1
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-b7br-bh2d-rygp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fegs-ubsk-63hu
14
vulnerability VCID-g8ct-c4ce-zuaf
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-jn5n-6hg9-tyf7
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nc2j-pay7-ryab
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-p2gd-7uam-mqf8
23
vulnerability VCID-q2fa-jymp-c3bb
24
vulnerability VCID-qhv1-wgpm-7fh6
25
vulnerability VCID-vtq4-fpr8-hudb
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x927-nh46-7fdy
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-yp82-zj5g-pbaf
32
vulnerability VCID-zgzm-wj81-jkah
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.1
aliases CVE-2017-2576, GHSA-cjrf-xg77-chpw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-65y9-9ur2-pugc
6
url VCID-83kb-4mk9-t7ge
vulnerability_id VCID-83kb-4mk9-t7ge
summary 
Information Exposure
Students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15110
reference_id
reference_type
scores
0
value 0.00237
scoring_system epss
scoring_elements 0.46726
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15110
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=361784
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=361784
3
reference_url http://www.securityfocus.com/bid/101909
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/101909
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-15110
reference_id CVE-2017-15110
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-15110
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.0-beta
purl pkg:composer/moodle/moodle@3.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-duna-st9c-mqbk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k1bh-ymgt-e7cd
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-r6kn-b963-eqge
12
vulnerability VCID-s6uu-335k-yfbc
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-yghg-775s-vber
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta
1
url pkg:composer/moodle/moodle@3.1.9
purl pkg:composer/moodle/moodle@3.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-b7br-bh2d-rygp
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-deur-8zdf-2kh2
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fegs-ubsk-63hu
14
vulnerability VCID-g8ct-c4ce-zuaf
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-p2gd-7uam-mqf8
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-qxsq-ku22-r7gx
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.9
2
url pkg:composer/moodle/moodle@3.2.6
purl pkg:composer/moodle/moodle@3.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-b7br-bh2d-rygp
4
vulnerability VCID-ckg1-9vpt-yfdk
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-fegs-ubsk-63hu
8
vulnerability VCID-g8ct-c4ce-zuaf
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nc2j-pay7-ryab
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-p2gd-7uam-mqf8
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.6
3
url pkg:composer/moodle/moodle@3.3.3
purl pkg:composer/moodle/moodle@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-fygy-9njn-abgd
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-m4zv-e3dn-budf
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-mmg3-7fz9-5uak
18
vulnerability VCID-nc2j-pay7-ryab
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-w9ca-exua-g7ar
24
vulnerability VCID-x7rg-rsb5-pya7
25
vulnerability VCID-x9vd-njdz-jua9
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.3
aliases CVE-2017-15110, GHSA-rjh8-w8jg-xwq5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-83kb-4mk9-t7ge
7
url VCID-a6pb-47tu-afcg
vulnerability_id VCID-a6pb-47tu-afcg
summary 
Information Exposure
Moodle is vulnerable to information exposure of service tokens for users enrolled in the same course.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1692
reference_id
reference_type
scores
0
value 0.00159
scoring_system epss
scoring_elements 0.36547
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1692
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1692
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1692
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1692
reference_id CVE-2020-1692
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1692
4
reference_url https://github.com/advisories/GHSA-9328-7pcw-vw69
reference_id GHSA-9328-7pcw-vw69
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9328-7pcw-vw69
fixed_packages
0
url pkg:composer/moodle/moodle@3.7.2
purl pkg:composer/moodle/moodle@3.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-c14d-1sa2-rkf6
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-fskk-cb95-uqer
8
vulnerability VCID-hhzz-hbqz-akfw
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-jcsq-3q5z-4kc6
11
vulnerability VCID-kgva-z9gg-u3dw
12
vulnerability VCID-n5tc-1k33-dfeq
13
vulnerability VCID-paj4-nq1r-jbd3
14
vulnerability VCID-w2b2-fuky-j3ff
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.2
aliases CVE-2020-1692, GHSA-9328-7pcw-vw69
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a6pb-47tu-afcg
8
url VCID-ajkr-fxa1-mkhk
vulnerability_id VCID-ajkr-fxa1-mkhk
summary 
Cross-site Scripting
Moodle is vulnerable to XSS via a calendar event name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1045
reference_id
reference_type
scores
0
value 0.00237
scoring_system epss
scoring_elements 0.46987
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1045
1
reference_url https://moodle.org/mod/forum/discuss.php?d=364384
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=364384
2
reference_url https://web.archive.org/web/20210124134120/http://www.securityfocus.com/bid/102755
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124134120/http://www.securityfocus.com/bid/102755
3
reference_url http://www.securityfocus.com/bid/102755
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102755
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1045
reference_id CVE-2018-1045
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1045
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.10
purl pkg:composer/moodle/moodle@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-p2gd-7uam-mqf8
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qxsq-ku22-r7gx
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10
1
url pkg:composer/moodle/moodle@3.2.7
purl pkg:composer/moodle/moodle@3.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-m4zv-e3dn-budf
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-p2gd-7uam-mqf8
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7
2
url pkg:composer/moodle/moodle@3.3.4
purl pkg:composer/moodle/moodle@3.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-fygy-9njn-abgd
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-mmg3-7fz9-5uak
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-x9vd-njdz-jua9
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4
aliases CVE-2018-1045, GHSA-595j-wpfg-23w4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajkr-fxa1-mkhk
9
url VCID-an53-nu91-k3d7
vulnerability_id VCID-an53-nu91-k3d7
summary 
Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in `auth/db/auth.php` in Moodle allow remote attackers to inject arbitrary web script or HTML via an external DB profile field.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50705
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50705
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2152
reference_id
reference_type
scores
0
value 0.00223
scoring_system epss
scoring_elements 0.44992
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2152
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/3b214760fb51ae2b0c85bbb2b272b9bc7c164657
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3b214760fb51ae2b0c85bbb2b272b9bc7c164657
4
reference_url https://github.com/moodle/moodle/commit/4db8407d3eaba17a8d3f81957b8e93e9f2554055
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4db8407d3eaba17a8d3f81957b8e93e9f2554055
5
reference_url https://github.com/moodle/moodle/commit/4ee7394c8bfa95a63428385b542c2066cd2d8ea1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4ee7394c8bfa95a63428385b542c2066cd2d8ea1
6
reference_url https://github.com/moodle/moodle/commit/54d6ee8c0874d72705ffa4c7c17d7c90bc16c897
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/54d6ee8c0874d72705ffa4c7c17d7c90bc16c897
7
reference_url https://github.com/moodle/moodle/commit/61da84e4148aa1de83a6389eb77abf3bbf09a349
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/61da84e4148aa1de83a6389eb77abf3bbf09a349
8
reference_url https://github.com/moodle/moodle/commit/82d0c0b5218e9ceb35a4e24b4a4e1e2e9cfc840c
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/82d0c0b5218e9ceb35a4e24b4a4e1e2e9cfc840c
9
reference_url https://github.com/moodle/moodle/commit/ce597604763272396e5cb8ec93859a8568020b8b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ce597604763272396e5cb8ec93859a8568020b8b
10
reference_url https://github.com/moodle/moodle/commit/d9d8e9c3fe92c5f25e319a38fe5617088965ad20
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/d9d8e9c3fe92c5f25e319a38fe5617088965ad20
11
reference_url https://github.com/moodle/moodle/commit/f4fcb1c4f76488d4571d3d265efce3813676c45d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/f4fcb1c4f76488d4571d3d265efce3813676c45d
12
reference_url https://moodle.org/mod/forum/discuss.php?d=330174
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=330174
13
reference_url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
14
reference_url http://www.openwall.com/lists/oss-security/2016/03/21/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/21/1
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2152
reference_id CVE-2016-2152
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2152
16
reference_url https://github.com/advisories/GHSA-6mxm-wpqv-675h
reference_id GHSA-6mxm-wpqv-675h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6mxm-wpqv-675h
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.13
purl pkg:composer/moodle/moodle@2.7.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fsex-f512-pudv
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-k1bh-ymgt-e7cd
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-vtq4-fpr8-hudb
29
vulnerability VCID-w9ca-exua-g7ar
30
vulnerability VCID-x7rg-rsb5-pya7
31
vulnerability VCID-y8up-cqtu-jkdw
32
vulnerability VCID-yghg-775s-vber
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13
1
url pkg:composer/moodle/moodle@2.8.11
purl pkg:composer/moodle/moodle@2.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11
2
url pkg:composer/moodle/moodle@2.9.5
purl pkg:composer/moodle/moodle@2.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5
3
url pkg:composer/moodle/moodle@3.0.3
purl pkg:composer/moodle/moodle@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fsex-f512-pudv
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k1bh-ymgt-e7cd
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-kgvw-uxf4-wbc1
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s3ue-e5h8-f3dy
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vb67-yux5-ayhf
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-vtq4-fpr8-hudb
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-zgzm-wj81-jkah
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3
aliases CVE-2016-2152, GHSA-6mxm-wpqv-675h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-an53-nu91-k3d7
10
url VCID-bjnq-q2nd-1khp
vulnerability_id VCID-bjnq-q2nd-1khp
summary 
Cross-Site Request Forgery (CSRF)
The login form is not protected by a token to prevent login cross-site request forgery.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16854
reference_id
reference_type
scores
0
value 0.01178
scoring_system epss
scoring_elements 0.79076
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16854
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16854
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16854
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://moodle.org/mod/forum/discuss.php?d=378731
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=378731
5
reference_url http://www.securityfocus.com/bid/106017
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106017
6
reference_url http://www.securitytracker.com/id/1042154
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1042154
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16854
reference_id CVE-2018-16854
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-16854
8
reference_url https://github.com/advisories/GHSA-xj5f-qv37-r9jc
reference_id GHSA-xj5f-qv37-r9jc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xj5f-qv37-r9jc
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.0-beta
purl pkg:composer/moodle/moodle@3.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-duna-st9c-mqbk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k1bh-ymgt-e7cd
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-r6kn-b963-eqge
12
vulnerability VCID-s6uu-335k-yfbc
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-yghg-775s-vber
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta
1
url pkg:composer/moodle/moodle@3.1.15
purl pkg:composer/moodle/moodle@3.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w9ca-exua-g7ar
16
vulnerability VCID-x7rg-rsb5-pya7
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zjrq-np3y-hua5
19
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15
2
url pkg:composer/moodle/moodle@3.3.9
purl pkg:composer/moodle/moodle@3.3.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-m3np-aebb-8qaa
5
vulnerability VCID-mkfz-e1ft-2bcw
6
vulnerability VCID-nntc-dsz1-e3fp
7
vulnerability VCID-qhv1-wgpm-7fh6
8
vulnerability VCID-w9ca-exua-g7ar
9
vulnerability VCID-x7rg-rsb5-pya7
10
vulnerability VCID-y8up-cqtu-jkdw
11
vulnerability VCID-zjrq-np3y-hua5
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.9
3
url pkg:composer/moodle/moodle@3.4.6
purl pkg:composer/moodle/moodle@3.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-deur-8zdf-2kh2
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k73h-z6j8-gkgz
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-qxsq-ku22-r7gx
12
vulnerability VCID-r6kn-b963-eqge
13
vulnerability VCID-s6uu-335k-yfbc
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6
4
url pkg:composer/moodle/moodle@3.5.3
purl pkg:composer/moodle/moodle@3.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-c1a1-z5m1-nfbc
10
vulnerability VCID-deur-8zdf-2kh2
11
vulnerability VCID-dpd2-1sqc-qqfy
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fskk-cb95-uqer
14
vulnerability VCID-gnez-ehgq-rfbr
15
vulnerability VCID-hhzz-hbqz-akfw
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-jcsq-3q5z-4kc6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-kgva-z9gg-u3dw
20
vulnerability VCID-m3np-aebb-8qaa
21
vulnerability VCID-mhm4-8kuk-t7b6
22
vulnerability VCID-mkfz-e1ft-2bcw
23
vulnerability VCID-mqde-66zm-qbbj
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-paj4-nq1r-jbd3
26
vulnerability VCID-pgfa-bkaw-q7cq
27
vulnerability VCID-qhv1-wgpm-7fh6
28
vulnerability VCID-qxsq-ku22-r7gx
29
vulnerability VCID-r6kn-b963-eqge
30
vulnerability VCID-s6uu-335k-yfbc
31
vulnerability VCID-w2b2-fuky-j3ff
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-y8up-cqtu-jkdw
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3
aliases CVE-2018-16854, GHSA-xj5f-qv37-r9jc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bjnq-q2nd-1khp
11
url VCID-dhku-uah4-ykh8
vulnerability_id VCID-dhku-uah4-ykh8
summary 
SQL Injection
An SQL injection can occur via user preferences.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2641
reference_id
reference_type
scores
0
value 0.01895
scoring_system epss
scoring_elements 0.8355
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2641
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=349419
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=349419
3
reference_url https://www.exploit-db.com/exploits/41828
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/41828
4
reference_url http://www.securityfocus.com/bid/96977
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/96977
5
reference_url http://www.securitytracker.com/id/1038174
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038174
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/41828.php
reference_id CVE-2017-2641
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/41828.php
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2641
reference_id CVE-2017-2641
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2641
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.19
purl pkg:composer/moodle/moodle@2.7.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-m4zv-e3dn-budf
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-nntc-dsz1-e3fp
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-vfp6-4h8n-bkax
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.19
1
url pkg:composer/moodle/moodle@3.0.9
purl pkg:composer/moodle/moodle@3.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zgzm-wj81-jkah
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.9
2
url pkg:composer/moodle/moodle@3.1.5
purl pkg:composer/moodle/moodle@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.5
3
url pkg:composer/moodle/moodle@3.2.2
purl pkg:composer/moodle/moodle@3.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-9nd7-4wve-97hc
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-b1q7-u3cx-ukej
8
vulnerability VCID-b7br-bh2d-rygp
9
vulnerability VCID-ckg1-9vpt-yfdk
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fegs-ubsk-63hu
13
vulnerability VCID-g8ct-c4ce-zuaf
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nc2j-pay7-ryab
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-q2fa-jymp-c3bb
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-vtq4-fpr8-hudb
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-yp82-zj5g-pbaf
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.2
aliases CVE-2017-2641, GHSA-xhq3-455r-xv44
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dhku-uah4-ykh8
12
url VCID-duna-st9c-mqbk
vulnerability_id VCID-duna-st9c-mqbk
summary 
Information Exposure
In Moodle, the quiz web services allow students to see quiz results when it is prohibited in the settings.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1044
reference_id
reference_type
scores
0
value 0.00185
scoring_system epss
scoring_elements 0.3998
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1044
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=364383
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=364383
3
reference_url http://www.securityfocus.com/bid/102754
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/102754
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1044
reference_id CVE-2018-1044
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1044
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.10
purl pkg:composer/moodle/moodle@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-p2gd-7uam-mqf8
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qxsq-ku22-r7gx
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10
1
url pkg:composer/moodle/moodle@3.2.7
purl pkg:composer/moodle/moodle@3.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-m4zv-e3dn-budf
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-p2gd-7uam-mqf8
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7
2
url pkg:composer/moodle/moodle@3.3.4
purl pkg:composer/moodle/moodle@3.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-fygy-9njn-abgd
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-mmg3-7fz9-5uak
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-x9vd-njdz-jua9
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4
3
url pkg:composer/moodle/moodle@3.4.1
purl pkg:composer/moodle/moodle@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-fygy-9njn-abgd
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-mmg3-7fz9-5uak
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-qxsq-ku22-r7gx
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s6uu-335k-yfbc
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x9vd-njdz-jua9
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1
aliases CVE-2018-1044, GHSA-332g-xh34-5c96
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-duna-st9c-mqbk
13
url VCID-eaqp-7abt-6kg9
vulnerability_id VCID-eaqp-7abt-6kg9
summary 
Improper Access Control
The `save_submission` function in `mod/assign/externallib.php` in Moodle allows remote authenticated users to bypass intended due-date restrictions by leveraging the student role for a web-service request.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52901
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52901
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2159
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43403
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2159
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/0766509ab02353008af62f953f7ebc0f6210411a
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/0766509ab02353008af62f953f7ebc0f6210411a
4
reference_url https://github.com/moodle/moodle/commit/3c069c16db62d0e0a64137578e92c22d604dd261
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3c069c16db62d0e0a64137578e92c22d604dd261
5
reference_url https://github.com/moodle/moodle/commit/711f9468d4e2792afe0f2025ac98c52ee3e4ee71
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/711f9468d4e2792afe0f2025ac98c52ee3e4ee71
6
reference_url https://github.com/moodle/moodle/commit/dc8421575f35585a7a4fc1c9710dafd1d0483d4e
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/dc8421575f35585a7a4fc1c9710dafd1d0483d4e
7
reference_url https://github.com/moodle/moodle/commit/ea8987644fdbbee291337263598b0c3c7bf27c36
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ea8987644fdbbee291337263598b0c3c7bf27c36
8
reference_url https://moodle.org/mod/forum/discuss.php?d=330182
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=330182
9
reference_url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
10
reference_url http://www.openwall.com/lists/oss-security/2016/03/21/1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/21/1
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2159
reference_id CVE-2016-2159
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2159
12
reference_url https://github.com/advisories/GHSA-cw72-69wq-f9f2
reference_id GHSA-cw72-69wq-f9f2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cw72-69wq-f9f2
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.13
purl pkg:composer/moodle/moodle@2.7.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fsex-f512-pudv
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-k1bh-ymgt-e7cd
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-vtq4-fpr8-hudb
29
vulnerability VCID-w9ca-exua-g7ar
30
vulnerability VCID-x7rg-rsb5-pya7
31
vulnerability VCID-y8up-cqtu-jkdw
32
vulnerability VCID-yghg-775s-vber
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13
1
url pkg:composer/moodle/moodle@2.8.11
purl pkg:composer/moodle/moodle@2.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11
2
url pkg:composer/moodle/moodle@2.9.5
purl pkg:composer/moodle/moodle@2.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5
3
url pkg:composer/moodle/moodle@3.0.3
purl pkg:composer/moodle/moodle@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fsex-f512-pudv
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k1bh-ymgt-e7cd
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-kgvw-uxf4-wbc1
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s3ue-e5h8-f3dy
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vb67-yux5-ayhf
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-vtq4-fpr8-hudb
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-zgzm-wj81-jkah
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3
aliases CVE-2016-2159, GHSA-cw72-69wq-f9f2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eaqp-7abt-6kg9
14
url VCID-eu27-a3px-87ed
vulnerability_id VCID-eu27-a3px-87ed
summary 
Improper Access Control
Teachers in an assignment group could modify group overrides for other groups in the same assignment.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10189
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36022
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10189
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=388570
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388570
4
reference_url http://www.securityfocus.com/bid/109271
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/109271
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10189
reference_id CVE-2019-10189
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10189
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10189, GHSA-h7xp-7fjp-ghhc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eu27-a3px-87ed
15
url VCID-fsex-f512-pudv
vulnerability_id VCID-fsex-f512-pudv
summary 
Injection Vulnerability
In Moodle, text injection can occur in email headers, potentially leading to outbound spam.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5013
reference_id
reference_type
scores
0
value 0.00363
scoring_system epss
scoring_elements 0.58644
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5013
1
reference_url https://github.com/moodle/moodle/commit/ed63718caa48803843a14140d8a27f04aba9c8c4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ed63718caa48803843a14140d8a27f04aba9c8c4
2
reference_url https://moodle.org/mod/forum/discuss.php?d=336698
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=336698
3
reference_url https://web.archive.org/web/20210123154543/http://www.securityfocus.com/bid/92040
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123154543/http://www.securityfocus.com/bid/92040
4
reference_url http://www.securityfocus.com/bid/92040
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/92040
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5013
reference_id CVE-2016-5013
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5013
6
reference_url https://github.com/advisories/GHSA-2hh3-jmv8-5fmx
reference_id GHSA-2hh3-jmv8-5fmx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2hh3-jmv8-5fmx
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.15
purl pkg:composer/moodle/moodle@2.7.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-dhku-uah4-ykh8
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-m4zv-e3dn-budf
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-r6kn-b963-eqge
20
vulnerability VCID-s6uu-335k-yfbc
21
vulnerability VCID-vb67-yux5-ayhf
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-vtq4-fpr8-hudb
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.15
1
url pkg:composer/moodle/moodle@2.9.0-beta
purl pkg:composer/moodle/moodle@2.9.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k1bh-ymgt-e7cd
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta
2
url pkg:composer/moodle/moodle@2.9.7
purl pkg:composer/moodle/moodle@2.9.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k1bh-ymgt-e7cd
10
vulnerability VCID-k73h-z6j8-gkgz
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-m4zv-e3dn-budf
13
vulnerability VCID-mkfz-e1ft-2bcw
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-qhv1-wgpm-7fh6
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-vb67-yux5-ayhf
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-yghg-775s-vber
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.7
3
url pkg:composer/moodle/moodle@3.0.5
purl pkg:composer/moodle/moodle@3.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-dhku-uah4-ykh8
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s6uu-335k-yfbc
22
vulnerability VCID-vb67-yux5-ayhf
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-vtq4-fpr8-hudb
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.5
4
url pkg:composer/moodle/moodle@3.1.1
purl pkg:composer/moodle/moodle@3.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-336n-hpzg-euhd
3
vulnerability VCID-4rz2-b4e3-87g5
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-8mgr-gdzj-4ybs
8
vulnerability VCID-9nd7-4wve-97hc
9
vulnerability VCID-9t4u-n1pn-w3bd
10
vulnerability VCID-a6pb-47tu-afcg
11
vulnerability VCID-ajkr-fxa1-mkhk
12
vulnerability VCID-b7br-bh2d-rygp
13
vulnerability VCID-bjnq-q2nd-1khp
14
vulnerability VCID-ckg1-9vpt-yfdk
15
vulnerability VCID-deur-8zdf-2kh2
16
vulnerability VCID-dhku-uah4-ykh8
17
vulnerability VCID-duna-st9c-mqbk
18
vulnerability VCID-e2zc-7ujn-wybu
19
vulnerability VCID-eu27-a3px-87ed
20
vulnerability VCID-fegs-ubsk-63hu
21
vulnerability VCID-g8ct-c4ce-zuaf
22
vulnerability VCID-jcq6-btgz-fkf6
23
vulnerability VCID-jn5n-6hg9-tyf7
24
vulnerability VCID-k1bh-ymgt-e7cd
25
vulnerability VCID-k73h-z6j8-gkgz
26
vulnerability VCID-m3np-aebb-8qaa
27
vulnerability VCID-m4zv-e3dn-budf
28
vulnerability VCID-mkfz-e1ft-2bcw
29
vulnerability VCID-nntc-dsz1-e3fp
30
vulnerability VCID-p2gd-7uam-mqf8
31
vulnerability VCID-q2fa-jymp-c3bb
32
vulnerability VCID-qhv1-wgpm-7fh6
33
vulnerability VCID-qxsq-ku22-r7gx
34
vulnerability VCID-r6kn-b963-eqge
35
vulnerability VCID-s6uu-335k-yfbc
36
vulnerability VCID-vb67-yux5-ayhf
37
vulnerability VCID-vfp6-4h8n-bkax
38
vulnerability VCID-vtq4-fpr8-hudb
39
vulnerability VCID-w9ca-exua-g7ar
40
vulnerability VCID-x7rg-rsb5-pya7
41
vulnerability VCID-x927-nh46-7fdy
42
vulnerability VCID-y8up-cqtu-jkdw
43
vulnerability VCID-yghg-775s-vber
44
vulnerability VCID-yp82-zj5g-pbaf
45
vulnerability VCID-zgzm-wj81-jkah
46
vulnerability VCID-zjrq-np3y-hua5
47
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.1
aliases CVE-2016-5013, GHSA-2hh3-jmv8-5fmx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fsex-f512-pudv
16
url VCID-jcq6-btgz-fkf6
vulnerability_id VCID-jcq6-btgz-fkf6
summary 
Cross-site Scripting
It was found in Moodle that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20183
reference_id
reference_type
scores
0
value 0.00455
scoring_system epss
scoring_elements 0.64171
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20183
1
reference_url https://github.com/moodle/moodle/commit/dc9de7b0d487b73c23c221dc0b8b6e01654921f3
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/dc9de7b0d487b73c23c221dc0b8b6e01654921f3
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417166
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417166
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20183
reference_id CVE-2021-20183
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20183
4
reference_url https://github.com/advisories/GHSA-xhfx-rm8q-c3xv
reference_id GHSA-xhfx-rm8q-c3xv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xhfx-rm8q-c3xv
fixed_packages
0
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
1
url pkg:composer/moodle/moodle@4.0.0-beta
purl pkg:composer/moodle/moodle@4.0.0-beta
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.0-beta
aliases CVE-2021-20183, GHSA-xhfx-rm8q-c3xv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jcq6-btgz-fkf6
17
url VCID-k1bh-ymgt-e7cd
vulnerability_id VCID-k1bh-ymgt-e7cd
summary 
Unrestricted Upload of File with Dangerous Type
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9187
reference_id
reference_type
scores
0
value 0.02078
scoring_system epss
scoring_elements 0.84283
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9187
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://packetstormsecurity.com/files/139466/Moodle-CMS-3.1.2-Cross-Site-Scripting-File-Upload.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/139466/Moodle-CMS-3.1.2-Cross-Site-Scripting-File-Upload.html
3
reference_url http://www.securityfocus.com/bid/94191
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94191
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9187
reference_id CVE-2016-9187
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9187
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.3
purl pkg:composer/moodle/moodle@3.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-336n-hpzg-euhd
3
vulnerability VCID-4rz2-b4e3-87g5
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-8mgr-gdzj-4ybs
8
vulnerability VCID-9nd7-4wve-97hc
9
vulnerability VCID-9t4u-n1pn-w3bd
10
vulnerability VCID-a6pb-47tu-afcg
11
vulnerability VCID-ajkr-fxa1-mkhk
12
vulnerability VCID-b7br-bh2d-rygp
13
vulnerability VCID-bjnq-q2nd-1khp
14
vulnerability VCID-ckg1-9vpt-yfdk
15
vulnerability VCID-deur-8zdf-2kh2
16
vulnerability VCID-dhku-uah4-ykh8
17
vulnerability VCID-duna-st9c-mqbk
18
vulnerability VCID-e2zc-7ujn-wybu
19
vulnerability VCID-eu27-a3px-87ed
20
vulnerability VCID-fegs-ubsk-63hu
21
vulnerability VCID-g8ct-c4ce-zuaf
22
vulnerability VCID-jcq6-btgz-fkf6
23
vulnerability VCID-jn5n-6hg9-tyf7
24
vulnerability VCID-k73h-z6j8-gkgz
25
vulnerability VCID-m3np-aebb-8qaa
26
vulnerability VCID-m4zv-e3dn-budf
27
vulnerability VCID-mkfz-e1ft-2bcw
28
vulnerability VCID-nntc-dsz1-e3fp
29
vulnerability VCID-p2gd-7uam-mqf8
30
vulnerability VCID-q2fa-jymp-c3bb
31
vulnerability VCID-qhv1-wgpm-7fh6
32
vulnerability VCID-qxsq-ku22-r7gx
33
vulnerability VCID-r6kn-b963-eqge
34
vulnerability VCID-s6uu-335k-yfbc
35
vulnerability VCID-vfp6-4h8n-bkax
36
vulnerability VCID-vtq4-fpr8-hudb
37
vulnerability VCID-w9ca-exua-g7ar
38
vulnerability VCID-x7rg-rsb5-pya7
39
vulnerability VCID-x927-nh46-7fdy
40
vulnerability VCID-y8up-cqtu-jkdw
41
vulnerability VCID-yghg-775s-vber
42
vulnerability VCID-yp82-zj5g-pbaf
43
vulnerability VCID-zgzm-wj81-jkah
44
vulnerability VCID-zjrq-np3y-hua5
45
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.3
aliases CVE-2016-9187, GHSA-58fm-v4pr-jh8p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k1bh-ymgt-e7cd
18
url VCID-k6pw-51st-b3d2
vulnerability_id VCID-k6pw-51st-b3d2
summary 
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in the `advanced-search` feature in `mod_data` in Moodle allows remote attackers to inject arbitrary web script or HTML via a crafted field in a URL.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52727
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52727
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2153
reference_id
reference_type
scores
0
value 0.00223
scoring_system epss
scoring_elements 0.44992
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2153
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/87e60e529939c60ef5b07d70c37426d359b2e8a2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/87e60e529939c60ef5b07d70c37426d359b2e8a2
4
reference_url https://github.com/moodle/moodle/commit/8f95eac1634b4d84053cef52a03065e620d6adf2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/8f95eac1634b4d84053cef52a03065e620d6adf2
5
reference_url https://github.com/moodle/moodle/commit/a5fae3b0d21cc85a7ea2d2c2af8c7fc9acf2fd92
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a5fae3b0d21cc85a7ea2d2c2af8c7fc9acf2fd92
6
reference_url https://github.com/moodle/moodle/commit/de60fc23aeeef5631d5718469124af3257383ead
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/de60fc23aeeef5631d5718469124af3257383ead
7
reference_url https://github.com/moodle/moodle/commit/ead2dd9c161fcfde04ee1fa602e9101a47c53503
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ead2dd9c161fcfde04ee1fa602e9101a47c53503
8
reference_url https://moodle.org/mod/forum/discuss.php?d=330175
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=330175
9
reference_url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160424224349/http://www.securitytracker.com/id/1035333
10
reference_url http://www.openwall.com/lists/oss-security/2016/03/21/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/21/1
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2153
reference_id CVE-2016-2153
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2153
12
reference_url https://github.com/advisories/GHSA-mj85-3hqq-r6r9
reference_id GHSA-mj85-3hqq-r6r9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mj85-3hqq-r6r9
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.13
purl pkg:composer/moodle/moodle@2.7.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-dhku-uah4-ykh8
11
vulnerability VCID-duna-st9c-mqbk
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fsex-f512-pudv
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-k1bh-ymgt-e7cd
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-vtq4-fpr8-hudb
29
vulnerability VCID-w9ca-exua-g7ar
30
vulnerability VCID-x7rg-rsb5-pya7
31
vulnerability VCID-y8up-cqtu-jkdw
32
vulnerability VCID-yghg-775s-vber
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13
1
url pkg:composer/moodle/moodle@2.8.11
purl pkg:composer/moodle/moodle@2.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11
2
url pkg:composer/moodle/moodle@2.9.5
purl pkg:composer/moodle/moodle@2.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4kq5-ctsv-eka8
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8cc1-hbzm-87bx
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fsex-f512-pudv
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-kgvw-uxf4-wbc1
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s3ue-e5h8-f3dy
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5
3
url pkg:composer/moodle/moodle@3.0.3
purl pkg:composer/moodle/moodle@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fsex-f512-pudv
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k1bh-ymgt-e7cd
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-kgvw-uxf4-wbc1
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s3ue-e5h8-f3dy
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vb67-yux5-ayhf
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-vtq4-fpr8-hudb
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-zgzm-wj81-jkah
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3
aliases CVE-2016-2153, GHSA-mj85-3hqq-r6r9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6pw-51st-b3d2
19
url VCID-k73h-z6j8-gkgz
vulnerability_id VCID-k73h-z6j8-gkgz
summary 
Information Exposure
The `/userpix/` page did not escape users' full names, which are included as text when hovering over profile images. Note this page is not linked to by default and its access is restricted.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64372
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64372
1
reference_url http://packetstormsecurity.com/files/162399/Moodle-3.6.1-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/162399/Moodle-3.6.1-Cross-Site-Scripting.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3810
reference_id
reference_type
scores
0
value 0.08385
scoring_system epss
scoring_elements 0.92457
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3810
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3810
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3810
4
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
5
reference_url https://moodle.org/mod/forum/discuss.php?d=381230#p1536767
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=381230#p1536767
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49814.txt
reference_id CVE-2019-3810
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49814.txt
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3810
reference_id CVE-2019-3810
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3810
8
reference_url https://github.com/advisories/GHSA-wm4w-8vc6-2j4h
reference_id GHSA-wm4w-8vc6-2j4h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wm4w-8vc6-2j4h
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.0-beta
purl pkg:composer/moodle/moodle@3.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-duna-st9c-mqbk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k1bh-ymgt-e7cd
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-r6kn-b963-eqge
12
vulnerability VCID-s6uu-335k-yfbc
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-yghg-775s-vber
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta
1
url pkg:composer/moodle/moodle@3.1.15
purl pkg:composer/moodle/moodle@3.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w9ca-exua-g7ar
16
vulnerability VCID-x7rg-rsb5-pya7
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zjrq-np3y-hua5
19
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15
2
url pkg:composer/moodle/moodle@3.1.16
purl pkg:composer/moodle/moodle@3.1.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-r6kn-b963-eqge
11
vulnerability VCID-s6uu-335k-yfbc
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zjrq-np3y-hua5
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.16
3
url pkg:composer/moodle/moodle@3.4.6
purl pkg:composer/moodle/moodle@3.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-deur-8zdf-2kh2
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k73h-z6j8-gkgz
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-qxsq-ku22-r7gx
12
vulnerability VCID-r6kn-b963-eqge
13
vulnerability VCID-s6uu-335k-yfbc
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6
4
url pkg:composer/moodle/moodle@3.4.7
purl pkg:composer/moodle/moodle@3.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-r6kn-b963-eqge
11
vulnerability VCID-s6uu-335k-yfbc
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zjrq-np3y-hua5
16
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.7
5
url pkg:composer/moodle/moodle@3.5.3
purl pkg:composer/moodle/moodle@3.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-c1a1-z5m1-nfbc
10
vulnerability VCID-deur-8zdf-2kh2
11
vulnerability VCID-dpd2-1sqc-qqfy
12
vulnerability VCID-eu27-a3px-87ed
13
vulnerability VCID-fskk-cb95-uqer
14
vulnerability VCID-gnez-ehgq-rfbr
15
vulnerability VCID-hhzz-hbqz-akfw
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-jcsq-3q5z-4kc6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-kgva-z9gg-u3dw
20
vulnerability VCID-m3np-aebb-8qaa
21
vulnerability VCID-mhm4-8kuk-t7b6
22
vulnerability VCID-mkfz-e1ft-2bcw
23
vulnerability VCID-mqde-66zm-qbbj
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-paj4-nq1r-jbd3
26
vulnerability VCID-pgfa-bkaw-q7cq
27
vulnerability VCID-qhv1-wgpm-7fh6
28
vulnerability VCID-qxsq-ku22-r7gx
29
vulnerability VCID-r6kn-b963-eqge
30
vulnerability VCID-s6uu-335k-yfbc
31
vulnerability VCID-w2b2-fuky-j3ff
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-y8up-cqtu-jkdw
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3
6
url pkg:composer/moodle/moodle@3.5.4
purl pkg:composer/moodle/moodle@3.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-akv3-zfp8-kkc7
7
vulnerability VCID-bbj9-hpz3-xqhh
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-dpd2-1sqc-qqfy
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fskk-cb95-uqer
13
vulnerability VCID-gnez-ehgq-rfbr
14
vulnerability VCID-hhzz-hbqz-akfw
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-jcsq-3q5z-4kc6
17
vulnerability VCID-kgva-z9gg-u3dw
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-mhm4-8kuk-t7b6
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-mqde-66zm-qbbj
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-paj4-nq1r-jbd3
24
vulnerability VCID-pgfa-bkaw-q7cq
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-w2b2-fuky-j3ff
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-zjrq-np3y-hua5
34
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.4
7
url pkg:composer/moodle/moodle@3.6.1
purl pkg:composer/moodle/moodle@3.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-akv3-zfp8-kkc7
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-hhzz-hbqz-akfw
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-kgva-z9gg-u3dw
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-n5tc-1k33-dfeq
12
vulnerability VCID-paj4-nq1r-jbd3
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-qxsq-ku22-r7gx
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-w2b2-fuky-j3ff
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.1
8
url pkg:composer/moodle/moodle@3.6.2
purl pkg:composer/moodle/moodle@3.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-akv3-zfp8-kkc7
3
vulnerability VCID-deur-8zdf-2kh2
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-hhzz-hbqz-akfw
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-kgva-z9gg-u3dw
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-n5tc-1k33-dfeq
10
vulnerability VCID-paj4-nq1r-jbd3
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w2b2-fuky-j3ff
16
vulnerability VCID-w9ca-exua-g7ar
17
vulnerability VCID-x7rg-rsb5-pya7
18
vulnerability VCID-y8up-cqtu-jkdw
19
vulnerability VCID-zjrq-np3y-hua5
20
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.2
aliases CVE-2019-3810, GHSA-wm4w-8vc6-2j4h
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k73h-z6j8-gkgz
20
url VCID-kgvw-uxf4-wbc1
vulnerability_id VCID-kgvw-uxf4-wbc1
summary 
Cross-Site Request Forgery (CSRF)
A Cross-site request forgery (CSRF) vulnerability in `markposts.php` in Moodle allows remote attackers to hijack the authentication of users for requests that marks forum posts as read.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53755
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53755
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3734
reference_id
reference_type
scores
0
value 0.00093
scoring_system epss
scoring_elements 0.25973
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3734
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335933
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1335933
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/01408d619ba89d32f9ad83308990ff9b0374cb57
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/01408d619ba89d32f9ad83308990ff9b0374cb57
5
reference_url https://github.com/moodle/moodle/commit/1f5c494f761ef7961c449075adf192e149148e1a
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/1f5c494f761ef7961c449075adf192e149148e1a
6
reference_url https://github.com/moodle/moodle/commit/7873e36f0cc0ccfd1424ff9302eb1ea9e4e74305
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/7873e36f0cc0ccfd1424ff9302eb1ea9e4e74305
7
reference_url https://github.com/moodle/moodle/commit/d98c24659935c1bdff4b35ec0a85ab1a3ab05d9f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/d98c24659935c1bdff4b35ec0a85ab1a3ab05d9f
8
reference_url https://github.com/moodle/moodle/commit/e90e0ea5700ee9b016034b74ed7f41787109d1a2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/e90e0ea5700ee9b016034b74ed7f41787109d1a2
9
reference_url https://web.archive.org/web/20160703032310/http://www.securitytracker.com/id/1035902
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160703032310/http://www.securitytracker.com/id/1035902
10
reference_url https://web.archive.org/web/20160930194927/http://www.securityfocus.com/bid/91281
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160930194927/http://www.securityfocus.com/bid/91281
11
reference_url http://www.openwall.com/lists/oss-security/2016/05/17/4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/05/17/4
12
reference_url http://www.securityfocus.com/bid/91281
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91281
13
reference_url http://www.securitytracker.com/id/1035902
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035902
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3734
reference_id CVE-2016-3734
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3734
15
reference_url https://github.com/advisories/GHSA-r867-v437-4rrm
reference_id GHSA-r867-v437-4rrm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r867-v437-4rrm
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.14
purl pkg:composer/moodle/moodle@2.7.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-dhku-uah4-ykh8
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s6uu-335k-yfbc
22
vulnerability VCID-vb67-yux5-ayhf
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-vtq4-fpr8-hudb
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.14
1
url pkg:composer/moodle/moodle@2.8.12
purl pkg:composer/moodle/moodle@2.8.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-qtt4-455b-abb6
18
vulnerability VCID-r6kn-b963-eqge
19
vulnerability VCID-s6uu-335k-yfbc
20
vulnerability VCID-v54t-5thx-1beu
21
vulnerability VCID-vb67-yux5-ayhf
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-w9ca-exua-g7ar
24
vulnerability VCID-x7rg-rsb5-pya7
25
vulnerability VCID-y8up-cqtu-jkdw
26
vulnerability VCID-yghg-775s-vber
27
vulnerability VCID-zjrq-np3y-hua5
28
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.12
2
url pkg:composer/moodle/moodle@2.9.6
purl pkg:composer/moodle/moodle@2.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-qtt4-455b-abb6
18
vulnerability VCID-r6kn-b963-eqge
19
vulnerability VCID-s6uu-335k-yfbc
20
vulnerability VCID-vb67-yux5-ayhf
21
vulnerability VCID-vfp6-4h8n-bkax
22
vulnerability VCID-w9ca-exua-g7ar
23
vulnerability VCID-x7rg-rsb5-pya7
24
vulnerability VCID-y8up-cqtu-jkdw
25
vulnerability VCID-yghg-775s-vber
26
vulnerability VCID-zjrq-np3y-hua5
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.6
3
url pkg:composer/moodle/moodle@3.0.4
purl pkg:composer/moodle/moodle@3.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-dhku-uah4-ykh8
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fsex-f512-pudv
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qtt4-455b-abb6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-vtq4-fpr8-hudb
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zgzm-wj81-jkah
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.4
aliases CVE-2016-3734, GHSA-r867-v437-4rrm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kgvw-uxf4-wbc1
21
url VCID-m3np-aebb-8qaa
vulnerability_id VCID-m3np-aebb-8qaa
summary 
Improper Access Control
A web service fetching messages was not restricted to the current user's conversations.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10154
reference_id
reference_type
scores
0
value 0.00236
scoring_system epss
scoring_elements 0.4672
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10154
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10154
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10154
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/2904a7f851da8e66be12f41d55068bf07817fbd6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/2904a7f851da8e66be12f41d55068bf07817fbd6
4
reference_url https://github.com/moodle/moodle/commit/a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c
5
reference_url https://moodle.org/mod/forum/discuss.php?d=386521
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=386521
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10154
reference_id CVE-2019-10154
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10154
fixed_packages
0
url pkg:composer/moodle/moodle@3.6.4
purl pkg:composer/moodle/moodle@3.6.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-eu27-a3px-87ed
3
vulnerability VCID-hhzz-hbqz-akfw
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-kgva-z9gg-u3dw
6
vulnerability VCID-n5tc-1k33-dfeq
7
vulnerability VCID-paj4-nq1r-jbd3
8
vulnerability VCID-w2b2-fuky-j3ff
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.4
aliases CVE-2019-10154, GHSA-ww45-x87c-wgff
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3np-aebb-8qaa
22
url VCID-m4zv-e3dn-budf
vulnerability_id VCID-m4zv-e3dn-budf
summary 
Improper Access Control
Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was verified, otherwise admin email can be spammed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1081
reference_id
reference_type
scores
0
value 0.00927
scoring_system epss
scoring_elements 0.76428
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1081
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-61392
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-61392
3
reference_url https://moodle.org/mod/forum/discuss.php?d=367938
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=367938
4
reference_url http://www.securityfocus.com/bid/103728
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103728
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1081
reference_id CVE-2018-1081
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1081
6
reference_url https://github.com/advisories/GHSA-v9xq-vh72-chr4
reference_id GHSA-v9xq-vh72-chr4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v9xq-vh72-chr4
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.0-beta
purl pkg:composer/moodle/moodle@3.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-duna-st9c-mqbk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k1bh-ymgt-e7cd
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-r6kn-b963-eqge
12
vulnerability VCID-s6uu-335k-yfbc
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-yghg-775s-vber
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta
1
url pkg:composer/moodle/moodle@3.1.11
purl pkg:composer/moodle/moodle@3.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-p2gd-7uam-mqf8
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-qxsq-ku22-r7gx
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-zjrq-np3y-hua5
28
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.11
2
url pkg:composer/moodle/moodle@3.2.8
purl pkg:composer/moodle/moodle@3.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-p2gd-7uam-mqf8
12
vulnerability VCID-qhv1-wgpm-7fh6
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-zjrq-np3y-hua5
17
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.8
3
url pkg:composer/moodle/moodle@3.3.5
purl pkg:composer/moodle/moodle@3.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-g8ct-c4ce-zuaf
10
vulnerability VCID-jcq6-btgz-fkf6
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-mmg3-7fz9-5uak
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-p2gd-7uam-mqf8
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-x9vd-njdz-jua9
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.5
4
url pkg:composer/moodle/moodle@3.4.2
purl pkg:composer/moodle/moodle@3.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-g8ct-c4ce-zuaf
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mmg3-7fz9-5uak
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-p2gd-7uam-mqf8
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-qxsq-ku22-r7gx
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-x9vd-njdz-jua9
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.2
aliases CVE-2018-1081, GHSA-v9xq-vh72-chr4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4zv-e3dn-budf
23
url VCID-mkfz-e1ft-2bcw
vulnerability_id VCID-mkfz-e1ft-2bcw
summary 
Code Injection
It was found in Moodle that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20187
reference_id
reference_type
scores
0
value 0.00679
scoring_system epss
scoring_elements 0.7197
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20187
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417171
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417171
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20187
reference_id CVE-2021-20187
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20187
4
reference_url https://github.com/advisories/GHSA-2jrm-gww7-wch2
reference_id GHSA-2jrm-gww7-wch2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2jrm-gww7-wch2
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.16
purl pkg:composer/moodle/moodle@3.5.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
6
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16
1
url pkg:composer/moodle/moodle@3.8.7
purl pkg:composer/moodle/moodle@3.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7
2
url pkg:composer/moodle/moodle@3.9.4
purl pkg:composer/moodle/moodle@3.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4
3
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
aliases CVE-2021-20187, GHSA-2jrm-gww7-wch2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkfz-e1ft-2bcw
24
url VCID-nntc-dsz1-e3fp
vulnerability_id VCID-nntc-dsz1-e3fp
summary 
Cross-site Scripting
It was found in Moodle that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20186
reference_id
reference_type
scores
0
value 0.0053
scoring_system epss
scoring_elements 0.67569
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20186
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417170
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417170
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20186
reference_id CVE-2021-20186
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20186
4
reference_url https://github.com/advisories/GHSA-h8m4-h385-qhqv
reference_id GHSA-h8m4-h385-qhqv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h8m4-h385-qhqv
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.16
purl pkg:composer/moodle/moodle@3.5.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
6
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16
1
url pkg:composer/moodle/moodle@3.8.7
purl pkg:composer/moodle/moodle@3.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7
2
url pkg:composer/moodle/moodle@3.9.4
purl pkg:composer/moodle/moodle@3.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4
3
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
aliases CVE-2021-20186, GHSA-h8m4-h385-qhqv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nntc-dsz1-e3fp
25
url VCID-qhv1-wgpm-7fh6
vulnerability_id VCID-qhv1-wgpm-7fh6
summary 
Improper Authorization
Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3849
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59366
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3849
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3849
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3849
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/427463a52574e4b3bcbe1c65c49066438770641e
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/427463a52574e4b3bcbe1c65c49066438770641e
4
reference_url https://github.com/moodle/moodle/commit/430f685834cef190bdf58afabe79e765d596890d
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/430f685834cef190bdf58afabe79e765d596890d
5
reference_url https://github.com/moodle/moodle/commit/723d1a747555b795ed53a0fad01da455797bb78f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/723d1a747555b795ed53a0fad01da455797bb78f
6
reference_url https://github.com/moodle/moodle/commit/898d5d05a0c3ae6795db0241bf3cb5951213d45c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/898d5d05a0c3ae6795db0241bf3cb5951213d45c
7
reference_url https://github.com/moodle/moodle/commit/b77dcd23d8e39265b5c096f0d947764c02d832c8
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/b77dcd23d8e39265b5c096f0d947764c02d832c8
8
reference_url https://github.com/moodle/moodle/commit/cd3060d941a051931eb2613b25bafb0108665895
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cd3060d941a051931eb2613b25bafb0108665895
9
reference_url https://github.com/moodle/moodle/commit/fba7dcd90abd45210d782a79c6e25bb3840c7438
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/fba7dcd90abd45210d782a79c6e25bb3840c7438
10
reference_url https://moodle.org/mod/forum/discuss.php?d=384012#p1547744
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384012#p1547744
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3849
reference_id CVE-2019-3849
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3849
12
reference_url https://github.com/advisories/GHSA-5wg9-5w3f-hxmh
reference_id GHSA-5wg9-5w3f-hxmh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5wg9-5w3f-hxmh
fixed_packages
0
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
1
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
2
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3849, GHSA-5wg9-5w3f-hxmh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qhv1-wgpm-7fh6
26
url VCID-r6kn-b963-eqge
vulnerability_id VCID-r6kn-b963-eqge
summary 
URL Redirection to Untrusted Site (Open Redirect)
Links within assignment submission comments would open directly (in the same window). Although links themselves may be valid, opening within the same window and without the no-referrer header policy made them more susceptible to exploits.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3850
reference_id
reference_type
scores
0
value 0.00072
scoring_system epss
scoring_elements 0.22031
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3850
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3850
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3850
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/1fc481dd7b09e08e85824c1fe6733b303a36bdce
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/1fc481dd7b09e08e85824c1fe6733b303a36bdce
4
reference_url https://github.com/moodle/moodle/commit/772c908d40a944efd91d897d524b255626d330d4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/772c908d40a944efd91d897d524b255626d330d4
5
reference_url https://github.com/moodle/moodle/commit/907b377e51c32ea37feef53e10684b504e103273
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/907b377e51c32ea37feef53e10684b504e103273
6
reference_url https://github.com/moodle/moodle/commit/d3f2f990dd3c5d4e6073a77154c6423d1c304647
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/d3f2f990dd3c5d4e6073a77154c6423d1c304647
7
reference_url https://moodle.org/mod/forum/discuss.php?d=384013#p1547745
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384013#p1547745
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3850
reference_id CVE-2019-3850
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3850
9
reference_url https://github.com/advisories/GHSA-3fj7-9j8m-7r8g
reference_id GHSA-3fj7-9j8m-7r8g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3fj7-9j8m-7r8g
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.17
purl pkg:composer/moodle/moodle@3.1.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-w9ca-exua-g7ar
11
vulnerability VCID-x7rg-rsb5-pya7
12
vulnerability VCID-y8up-cqtu-jkdw
13
vulnerability VCID-zjrq-np3y-hua5
14
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17
1
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
2
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
3
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3850, GHSA-3fj7-9j8m-7r8g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r6kn-b963-eqge
27
url VCID-s3ue-e5h8-f3dy
vulnerability_id VCID-s3ue-e5h8-f3dy
summary 
Improper Access Control
The user editing form in Moodle allows remote authenticated users to edit profile fields locked by the administrator.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3729
reference_id
reference_type
scores
0
value 0.00379
scoring_system epss
scoring_elements 0.59724
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3729
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335933
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1335933
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url http://www.openwall.com/lists/oss-security/2016/05/17/4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/05/17/4
4
reference_url http://www.securitytracker.com/id/1035902
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1035902
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3729
reference_id CVE-2016-3729
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3729
6
reference_url https://github.com/advisories/GHSA-g96h-wvrm-c2ww
reference_id GHSA-g96h-wvrm-c2ww
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g96h-wvrm-c2ww
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.14
purl pkg:composer/moodle/moodle@2.7.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-dhku-uah4-ykh8
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s6uu-335k-yfbc
22
vulnerability VCID-vb67-yux5-ayhf
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-vtq4-fpr8-hudb
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zjrq-np3y-hua5
30
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.14
1
url pkg:composer/moodle/moodle@2.8.12
purl pkg:composer/moodle/moodle@2.8.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-qtt4-455b-abb6
18
vulnerability VCID-r6kn-b963-eqge
19
vulnerability VCID-s6uu-335k-yfbc
20
vulnerability VCID-v54t-5thx-1beu
21
vulnerability VCID-vb67-yux5-ayhf
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-w9ca-exua-g7ar
24
vulnerability VCID-x7rg-rsb5-pya7
25
vulnerability VCID-y8up-cqtu-jkdw
26
vulnerability VCID-yghg-775s-vber
27
vulnerability VCID-zjrq-np3y-hua5
28
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.12
2
url pkg:composer/moodle/moodle@2.9.6
purl pkg:composer/moodle/moodle@2.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fsex-f512-pudv
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-k1bh-ymgt-e7cd
11
vulnerability VCID-k73h-z6j8-gkgz
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nntc-dsz1-e3fp
16
vulnerability VCID-qhv1-wgpm-7fh6
17
vulnerability VCID-qtt4-455b-abb6
18
vulnerability VCID-r6kn-b963-eqge
19
vulnerability VCID-s6uu-335k-yfbc
20
vulnerability VCID-vb67-yux5-ayhf
21
vulnerability VCID-vfp6-4h8n-bkax
22
vulnerability VCID-w9ca-exua-g7ar
23
vulnerability VCID-x7rg-rsb5-pya7
24
vulnerability VCID-y8up-cqtu-jkdw
25
vulnerability VCID-yghg-775s-vber
26
vulnerability VCID-zjrq-np3y-hua5
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.6
3
url pkg:composer/moodle/moodle@3.0.3
purl pkg:composer/moodle/moodle@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-5rbf-4dz3-2qdz
4
vulnerability VCID-65y9-9ur2-pugc
5
vulnerability VCID-83kb-4mk9-t7ge
6
vulnerability VCID-8cc1-hbzm-87bx
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fsex-f512-pudv
15
vulnerability VCID-jcq6-btgz-fkf6
16
vulnerability VCID-k1bh-ymgt-e7cd
17
vulnerability VCID-k73h-z6j8-gkgz
18
vulnerability VCID-kgvw-uxf4-wbc1
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-qhv1-wgpm-7fh6
24
vulnerability VCID-r6kn-b963-eqge
25
vulnerability VCID-s3ue-e5h8-f3dy
26
vulnerability VCID-s6uu-335k-yfbc
27
vulnerability VCID-vb67-yux5-ayhf
28
vulnerability VCID-vfp6-4h8n-bkax
29
vulnerability VCID-vtq4-fpr8-hudb
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-zgzm-wj81-jkah
35
vulnerability VCID-zjrq-np3y-hua5
36
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3
4
url pkg:composer/moodle/moodle@3.0.4
purl pkg:composer/moodle/moodle@3.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-dhku-uah4-ykh8
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fsex-f512-pudv
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qtt4-455b-abb6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-vtq4-fpr8-hudb
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zgzm-wj81-jkah
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.4
aliases CVE-2016-3729, GHSA-g96h-wvrm-c2ww
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s3ue-e5h8-f3dy
28
url VCID-s6uu-335k-yfbc
vulnerability_id VCID-s6uu-335k-yfbc
summary 
Improper Input Validation
Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3847
reference_id
reference_type
scores
0
value 0.00867
scoring_system epss
scoring_elements 0.75516
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3847
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3847
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3847
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/070f24d006eab6b958eb083530de159b43c538ed
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/070f24d006eab6b958eb083530de159b43c538ed
4
reference_url https://github.com/moodle/moodle/commit/93dda3bfd3caaaa8d23fe8ede543f27ef774958d
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/93dda3bfd3caaaa8d23fe8ede543f27ef774958d
5
reference_url https://github.com/moodle/moodle/commit/a37e26d2efe1ca0e4d8d69c611a748af35b33674
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a37e26d2efe1ca0e4d8d69c611a748af35b33674
6
reference_url https://github.com/moodle/moodle/commit/e836242e1c04cd62d0afa4a790074fd245628e7a
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/e836242e1c04cd62d0afa4a790074fd245628e7a
7
reference_url https://github.com/moodle/moodle/commit/ec3b63c772d6448765c68268234cf36c1a91bcac
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ec3b63c772d6448765c68268234cf36c1a91bcac
8
reference_url https://moodle.org/mod/forum/discuss.php?d=384010#p1547742
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384010#p1547742
9
reference_url https://web.archive.org/web/20200227082922/http://www.securityfocus.com/bid/107489
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227082922/http://www.securityfocus.com/bid/107489
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3847
reference_id CVE-2019-3847
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3847
11
reference_url https://github.com/advisories/GHSA-qrcj-6fjw-3h9h
reference_id GHSA-qrcj-6fjw-3h9h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qrcj-6fjw-3h9h
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.17
purl pkg:composer/moodle/moodle@3.1.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-qxsq-ku22-r7gx
10
vulnerability VCID-w9ca-exua-g7ar
11
vulnerability VCID-x7rg-rsb5-pya7
12
vulnerability VCID-y8up-cqtu-jkdw
13
vulnerability VCID-zjrq-np3y-hua5
14
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17
1
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
2
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
3
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3847, GHSA-qrcj-6fjw-3h9h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s6uu-335k-yfbc
29
url VCID-vb67-yux5-ayhf
vulnerability_id VCID-vb67-yux5-ayhf
summary 
Weak Password Recovery Mechanism for Forgotten Password
In Moodle, web service tokens are not invalidated when the user password is changed or forced to be changed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7038
reference_id
reference_type
scores
0
value 0.00243
scoring_system epss
scoring_elements 0.47695
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7038
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=339631
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=339631
3
reference_url http://www.securityfocus.com/bid/93174
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/93174
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7038
reference_id CVE-2016-7038
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7038
5
reference_url https://github.com/advisories/GHSA-2phx-w35g-x9vm
reference_id GHSA-2phx-w35g-x9vm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2phx-w35g-x9vm
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.16
purl pkg:composer/moodle/moodle@2.7.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-dhku-uah4-ykh8
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-k1bh-ymgt-e7cd
13
vulnerability VCID-k73h-z6j8-gkgz
14
vulnerability VCID-m3np-aebb-8qaa
15
vulnerability VCID-m4zv-e3dn-budf
16
vulnerability VCID-mkfz-e1ft-2bcw
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-r6kn-b963-eqge
20
vulnerability VCID-s6uu-335k-yfbc
21
vulnerability VCID-v54t-5thx-1beu
22
vulnerability VCID-vfp6-4h8n-bkax
23
vulnerability VCID-vtq4-fpr8-hudb
24
vulnerability VCID-w9ca-exua-g7ar
25
vulnerability VCID-x7rg-rsb5-pya7
26
vulnerability VCID-y8up-cqtu-jkdw
27
vulnerability VCID-yghg-775s-vber
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.16
1
url pkg:composer/moodle/moodle@2.9.0-beta
purl pkg:composer/moodle/moodle@2.9.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k1bh-ymgt-e7cd
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zjrq-np3y-hua5
23
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta
2
url pkg:composer/moodle/moodle@2.9.8
purl pkg:composer/moodle/moodle@2.9.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-65y9-9ur2-pugc
2
vulnerability VCID-83kb-4mk9-t7ge
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k1bh-ymgt-e7cd
10
vulnerability VCID-k73h-z6j8-gkgz
11
vulnerability VCID-m3np-aebb-8qaa
12
vulnerability VCID-m4zv-e3dn-budf
13
vulnerability VCID-mkfz-e1ft-2bcw
14
vulnerability VCID-nntc-dsz1-e3fp
15
vulnerability VCID-qhv1-wgpm-7fh6
16
vulnerability VCID-r6kn-b963-eqge
17
vulnerability VCID-s6uu-335k-yfbc
18
vulnerability VCID-v54t-5thx-1beu
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-yghg-775s-vber
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.8
3
url pkg:composer/moodle/moodle@3.0.6
purl pkg:composer/moodle/moodle@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-5rbf-4dz3-2qdz
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-ajkr-fxa1-mkhk
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-dhku-uah4-ykh8
10
vulnerability VCID-duna-st9c-mqbk
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-r6kn-b963-eqge
21
vulnerability VCID-s6uu-335k-yfbc
22
vulnerability VCID-v54t-5thx-1beu
23
vulnerability VCID-vfp6-4h8n-bkax
24
vulnerability VCID-vtq4-fpr8-hudb
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-yghg-775s-vber
29
vulnerability VCID-zgzm-wj81-jkah
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.6
4
url pkg:composer/moodle/moodle@3.1.2
purl pkg:composer/moodle/moodle@3.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-336n-hpzg-euhd
3
vulnerability VCID-4rz2-b4e3-87g5
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-8mgr-gdzj-4ybs
8
vulnerability VCID-9nd7-4wve-97hc
9
vulnerability VCID-9t4u-n1pn-w3bd
10
vulnerability VCID-a6pb-47tu-afcg
11
vulnerability VCID-ajkr-fxa1-mkhk
12
vulnerability VCID-b7br-bh2d-rygp
13
vulnerability VCID-bjnq-q2nd-1khp
14
vulnerability VCID-ckg1-9vpt-yfdk
15
vulnerability VCID-deur-8zdf-2kh2
16
vulnerability VCID-dhku-uah4-ykh8
17
vulnerability VCID-duna-st9c-mqbk
18
vulnerability VCID-e2zc-7ujn-wybu
19
vulnerability VCID-eu27-a3px-87ed
20
vulnerability VCID-fegs-ubsk-63hu
21
vulnerability VCID-g8ct-c4ce-zuaf
22
vulnerability VCID-jcq6-btgz-fkf6
23
vulnerability VCID-jn5n-6hg9-tyf7
24
vulnerability VCID-k1bh-ymgt-e7cd
25
vulnerability VCID-k73h-z6j8-gkgz
26
vulnerability VCID-m3np-aebb-8qaa
27
vulnerability VCID-m4zv-e3dn-budf
28
vulnerability VCID-mkfz-e1ft-2bcw
29
vulnerability VCID-nntc-dsz1-e3fp
30
vulnerability VCID-p2gd-7uam-mqf8
31
vulnerability VCID-q2fa-jymp-c3bb
32
vulnerability VCID-qhv1-wgpm-7fh6
33
vulnerability VCID-qxsq-ku22-r7gx
34
vulnerability VCID-r6kn-b963-eqge
35
vulnerability VCID-s6uu-335k-yfbc
36
vulnerability VCID-v54t-5thx-1beu
37
vulnerability VCID-vfp6-4h8n-bkax
38
vulnerability VCID-vtq4-fpr8-hudb
39
vulnerability VCID-w9ca-exua-g7ar
40
vulnerability VCID-x7rg-rsb5-pya7
41
vulnerability VCID-x927-nh46-7fdy
42
vulnerability VCID-y8up-cqtu-jkdw
43
vulnerability VCID-yghg-775s-vber
44
vulnerability VCID-yp82-zj5g-pbaf
45
vulnerability VCID-zgzm-wj81-jkah
46
vulnerability VCID-zjrq-np3y-hua5
47
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.2
aliases CVE-2016-7038, GHSA-2phx-w35g-x9vm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vb67-yux5-ayhf
30
url VCID-vfp6-4h8n-bkax
vulnerability_id VCID-vfp6-4h8n-bkax
summary 
Code Injection
Moodle is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy `drag and drop into text` (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-62880
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-62880
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14630
reference_id
reference_type
scores
0
value 0.01859
scoring_system epss
scoring_elements 0.83401
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14630
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14630
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14630
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/09cbca8566a388e8f0a1a0cfd86cd0667088ed2c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/09cbca8566a388e8f0a1a0cfd86cd0667088ed2c
5
reference_url https://github.com/moodle/moodle/commit/be092b730910ad97fff0511e177a097ec1cc4b1c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/be092b730910ad97fff0511e177a097ec1cc4b1c
6
reference_url https://github.com/moodle/moodle/commit/cb8aefa658cf7ad8f002a480343afb2dea94cc08
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cb8aefa658cf7ad8f002a480343afb2dea94cc08
7
reference_url https://github.com/moodle/moodle/commit/cfc4393aa689c277a27b9a040ff7dcbdac4e41dd
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cfc4393aa689c277a27b9a040ff7dcbdac4e41dd
8
reference_url https://github.com/moodle/moodle/commit/da1eeea0ff3d292b7669e478abc114872dd9cc8f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/da1eeea0ff3d292b7669e478abc114872dd9cc8f
9
reference_url https://moodle.org/mod/forum/discuss.php?d=376023
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=376023
10
reference_url https://seclists.org/fulldisclosure/2018/Sep/28
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2018/Sep/28
11
reference_url https://web.archive.org/web/20200227111301/https://www.securityfocus.com/bid/105354
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227111301/https://www.securityfocus.com/bid/105354
12
reference_url https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630
13
reference_url https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630/
reference_id
reference_type
scores
url https://www.sec-consult.com/en/blog/advisories/remote-code-execution-php-unserialize-moodle-open-source-learning-platform-cve-2018-14630/
14
reference_url http://www.securityfocus.com/bid/105354
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105354
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14630
reference_id CVE-2018-14630
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14630
16
reference_url https://github.com/advisories/GHSA-c3pr-h96w-2jjg
reference_id GHSA-c3pr-h96w-2jjg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c3pr-h96w-2jjg
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.0-beta
purl pkg:composer/moodle/moodle@3.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-ajkr-fxa1-mkhk
3
vulnerability VCID-duna-st9c-mqbk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-k1bh-ymgt-e7cd
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-mkfz-e1ft-2bcw
9
vulnerability VCID-nntc-dsz1-e3fp
10
vulnerability VCID-qhv1-wgpm-7fh6
11
vulnerability VCID-r6kn-b963-eqge
12
vulnerability VCID-s6uu-335k-yfbc
13
vulnerability VCID-w9ca-exua-g7ar
14
vulnerability VCID-x7rg-rsb5-pya7
15
vulnerability VCID-y8up-cqtu-jkdw
16
vulnerability VCID-yghg-775s-vber
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta
1
url pkg:composer/moodle/moodle@3.1.14
purl pkg:composer/moodle/moodle@3.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-9t4u-n1pn-w3bd
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-deur-8zdf-2kh2
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-qhv1-wgpm-7fh6
13
vulnerability VCID-qxsq-ku22-r7gx
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-w9ca-exua-g7ar
17
vulnerability VCID-x7rg-rsb5-pya7
18
vulnerability VCID-y8up-cqtu-jkdw
19
vulnerability VCID-zjrq-np3y-hua5
20
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.14
2
url pkg:composer/moodle/moodle@3.3.8
purl pkg:composer/moodle/moodle@3.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-bjnq-q2nd-1khp
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qhv1-wgpm-7fh6
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zjrq-np3y-hua5
13
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.8
3
url pkg:composer/moodle/moodle@3.4.5
purl pkg:composer/moodle/moodle@3.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-bjnq-q2nd-1khp
4
vulnerability VCID-deur-8zdf-2kh2
5
vulnerability VCID-eu27-a3px-87ed
6
vulnerability VCID-jcq6-btgz-fkf6
7
vulnerability VCID-k73h-z6j8-gkgz
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-mkfz-e1ft-2bcw
10
vulnerability VCID-nntc-dsz1-e3fp
11
vulnerability VCID-qhv1-wgpm-7fh6
12
vulnerability VCID-qxsq-ku22-r7gx
13
vulnerability VCID-r6kn-b963-eqge
14
vulnerability VCID-s6uu-335k-yfbc
15
vulnerability VCID-w9ca-exua-g7ar
16
vulnerability VCID-x7rg-rsb5-pya7
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zjrq-np3y-hua5
19
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.5
4
url pkg:composer/moodle/moodle@3.5.2
purl pkg:composer/moodle/moodle@3.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-3cb4-wz6x-ckcd
3
vulnerability VCID-42fa-qbft-rfff
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-akv3-zfp8-kkc7
8
vulnerability VCID-bbj9-hpz3-xqhh
9
vulnerability VCID-bjnq-q2nd-1khp
10
vulnerability VCID-c1a1-z5m1-nfbc
11
vulnerability VCID-deur-8zdf-2kh2
12
vulnerability VCID-dpd2-1sqc-qqfy
13
vulnerability VCID-eu27-a3px-87ed
14
vulnerability VCID-fskk-cb95-uqer
15
vulnerability VCID-gnez-ehgq-rfbr
16
vulnerability VCID-hhzz-hbqz-akfw
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-jcsq-3q5z-4kc6
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgva-z9gg-u3dw
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-mhm4-8kuk-t7b6
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-mqde-66zm-qbbj
25
vulnerability VCID-nntc-dsz1-e3fp
26
vulnerability VCID-paj4-nq1r-jbd3
27
vulnerability VCID-pgfa-bkaw-q7cq
28
vulnerability VCID-qhv1-wgpm-7fh6
29
vulnerability VCID-qxsq-ku22-r7gx
30
vulnerability VCID-r6kn-b963-eqge
31
vulnerability VCID-s6uu-335k-yfbc
32
vulnerability VCID-w2b2-fuky-j3ff
33
vulnerability VCID-w9ca-exua-g7ar
34
vulnerability VCID-x7rg-rsb5-pya7
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.2
aliases CVE-2018-14630, GHSA-c3pr-h96w-2jjg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfp6-4h8n-bkax
31
url VCID-vtq4-fpr8-hudb
vulnerability_id VCID-vtq4-fpr8-hudb
summary 
Exposure of Resource to Wrong Sphere
In Moodle, searching of arbitrary blogs is possible because a capability check is missing.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7490
reference_id
reference_type
scores
0
value 0.00295
scoring_system epss
scoring_elements 0.53036
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7490
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=352354
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=352354
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7490
reference_id CVE-2017-7490
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7490
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.19
purl pkg:composer/moodle/moodle@2.7.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-m4zv-e3dn-budf
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-nntc-dsz1-e3fp
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-vfp6-4h8n-bkax
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.19
1
url pkg:composer/moodle/moodle@2.7.20
purl pkg:composer/moodle/moodle@2.7.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-a6pb-47tu-afcg
3
vulnerability VCID-ajkr-fxa1-mkhk
4
vulnerability VCID-bjnq-q2nd-1khp
5
vulnerability VCID-duna-st9c-mqbk
6
vulnerability VCID-eu27-a3px-87ed
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-k73h-z6j8-gkgz
9
vulnerability VCID-m3np-aebb-8qaa
10
vulnerability VCID-m4zv-e3dn-budf
11
vulnerability VCID-mkfz-e1ft-2bcw
12
vulnerability VCID-nntc-dsz1-e3fp
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-r6kn-b963-eqge
15
vulnerability VCID-s6uu-335k-yfbc
16
vulnerability VCID-vfp6-4h8n-bkax
17
vulnerability VCID-w9ca-exua-g7ar
18
vulnerability VCID-x7rg-rsb5-pya7
19
vulnerability VCID-y8up-cqtu-jkdw
20
vulnerability VCID-yghg-775s-vber
21
vulnerability VCID-zjrq-np3y-hua5
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.20
2
url pkg:composer/moodle/moodle@3.0.9
purl pkg:composer/moodle/moodle@3.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zgzm-wj81-jkah
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.9
3
url pkg:composer/moodle/moodle@3.0.10
purl pkg:composer/moodle/moodle@3.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-duna-st9c-mqbk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-jcq6-btgz-fkf6
9
vulnerability VCID-k73h-z6j8-gkgz
10
vulnerability VCID-m3np-aebb-8qaa
11
vulnerability VCID-m4zv-e3dn-budf
12
vulnerability VCID-mkfz-e1ft-2bcw
13
vulnerability VCID-nntc-dsz1-e3fp
14
vulnerability VCID-qhv1-wgpm-7fh6
15
vulnerability VCID-r6kn-b963-eqge
16
vulnerability VCID-s6uu-335k-yfbc
17
vulnerability VCID-vfp6-4h8n-bkax
18
vulnerability VCID-w9ca-exua-g7ar
19
vulnerability VCID-x7rg-rsb5-pya7
20
vulnerability VCID-y8up-cqtu-jkdw
21
vulnerability VCID-yghg-775s-vber
22
vulnerability VCID-zgzm-wj81-jkah
23
vulnerability VCID-zjrq-np3y-hua5
24
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.10
4
url pkg:composer/moodle/moodle@3.1.5
purl pkg:composer/moodle/moodle@3.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.5
5
url pkg:composer/moodle/moodle@3.1.6
purl pkg:composer/moodle/moodle@3.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-8mgr-gdzj-4ybs
5
vulnerability VCID-9nd7-4wve-97hc
6
vulnerability VCID-9t4u-n1pn-w3bd
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-b7br-bh2d-rygp
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-ckg1-9vpt-yfdk
12
vulnerability VCID-deur-8zdf-2kh2
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fegs-ubsk-63hu
16
vulnerability VCID-g8ct-c4ce-zuaf
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k73h-z6j8-gkgz
19
vulnerability VCID-m3np-aebb-8qaa
20
vulnerability VCID-m4zv-e3dn-budf
21
vulnerability VCID-mkfz-e1ft-2bcw
22
vulnerability VCID-nntc-dsz1-e3fp
23
vulnerability VCID-p2gd-7uam-mqf8
24
vulnerability VCID-q2fa-jymp-c3bb
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-qxsq-ku22-r7gx
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vfp6-4h8n-bkax
30
vulnerability VCID-w9ca-exua-g7ar
31
vulnerability VCID-x7rg-rsb5-pya7
32
vulnerability VCID-y8up-cqtu-jkdw
33
vulnerability VCID-yghg-775s-vber
34
vulnerability VCID-yp82-zj5g-pbaf
35
vulnerability VCID-zgzm-wj81-jkah
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.6
6
url pkg:composer/moodle/moodle@3.2.3
purl pkg:composer/moodle/moodle@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-83kb-4mk9-t7ge
2
vulnerability VCID-9nd7-4wve-97hc
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-ajkr-fxa1-mkhk
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-duna-st9c-mqbk
8
vulnerability VCID-eu27-a3px-87ed
9
vulnerability VCID-fegs-ubsk-63hu
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-nc2j-pay7-ryab
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-q2fa-jymp-c3bb
19
vulnerability VCID-qhv1-wgpm-7fh6
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-y8up-cqtu-jkdw
23
vulnerability VCID-yghg-775s-vber
24
vulnerability VCID-yp82-zj5g-pbaf
25
vulnerability VCID-zgzm-wj81-jkah
26
vulnerability VCID-zjrq-np3y-hua5
27
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.3
aliases CVE-2017-7490, GHSA-9x63-m3cc-qf3g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtq4-fpr8-hudb
32
url VCID-w9ca-exua-g7ar
vulnerability_id VCID-w9ca-exua-g7ar
summary 
Improper Access Control
Teachers in a quiz group could modify group overrides for other groups in the same quiz.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10188
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36022
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10188
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=388569
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388569
4
reference_url http://www.securityfocus.com/bid/109178
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/109178
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10188
reference_id CVE-2019-10188
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10188
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10188, GHSA-92q5-2h76-vgmj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9ca-exua-g7ar
33
url VCID-x7rg-rsb5-pya7
vulnerability_id VCID-x7rg-rsb5-pya7
summary 
Improper Access Control
Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10187
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36022
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10187
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=388568#p1566330
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=388568#p1566330
4
reference_url http://www.securityfocus.com/bid/109174
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/109174
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10187
reference_id CVE-2019-10187
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10187
fixed_packages
0
url pkg:composer/moodle/moodle@3.5.7
purl pkg:composer/moodle/moodle@3.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-42fa-qbft-rfff
2
vulnerability VCID-56wj-4124-ryd2
3
vulnerability VCID-6m19-4krm-2udd
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-bbj9-hpz3-xqhh
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-dpd2-1sqc-qqfy
8
vulnerability VCID-fskk-cb95-uqer
9
vulnerability VCID-gnez-ehgq-rfbr
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-mhm4-8kuk-t7b6
15
vulnerability VCID-mkfz-e1ft-2bcw
16
vulnerability VCID-mqde-66zm-qbbj
17
vulnerability VCID-nntc-dsz1-e3fp
18
vulnerability VCID-paj4-nq1r-jbd3
19
vulnerability VCID-pgfa-bkaw-q7cq
20
vulnerability VCID-w2b2-fuky-j3ff
21
vulnerability VCID-y8up-cqtu-jkdw
22
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7
1
url pkg:composer/moodle/moodle@3.6.5
purl pkg:composer/moodle/moodle@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6pb-47tu-afcg
1
vulnerability VCID-hhzz-hbqz-akfw
2
vulnerability VCID-jcq6-btgz-fkf6
3
vulnerability VCID-kgva-z9gg-u3dw
4
vulnerability VCID-n5tc-1k33-dfeq
5
vulnerability VCID-paj4-nq1r-jbd3
6
vulnerability VCID-w2b2-fuky-j3ff
7
vulnerability VCID-y8up-cqtu-jkdw
8
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5
2
url pkg:composer/moodle/moodle@3.7.1
purl pkg:composer/moodle/moodle@3.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-494p-pmxw-b7e2
4
vulnerability VCID-56wj-4124-ryd2
5
vulnerability VCID-6m19-4krm-2udd
6
vulnerability VCID-a6pb-47tu-afcg
7
vulnerability VCID-c14d-1sa2-rkf6
8
vulnerability VCID-c1a1-z5m1-nfbc
9
vulnerability VCID-fskk-cb95-uqer
10
vulnerability VCID-hhzz-hbqz-akfw
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-jcsq-3q5z-4kc6
13
vulnerability VCID-kgva-z9gg-u3dw
14
vulnerability VCID-n5tc-1k33-dfeq
15
vulnerability VCID-paj4-nq1r-jbd3
16
vulnerability VCID-w2b2-fuky-j3ff
17
vulnerability VCID-y8up-cqtu-jkdw
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1
aliases CVE-2019-10187, GHSA-2mg9-hv69-897x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x7rg-rsb5-pya7
34
url VCID-xmm4-zw49-3feh
vulnerability_id VCID-xmm4-zw49-3feh
summary 
Information Exposure
The (1) `core_enrol_get_course_enrolment_methods` and (2) `enrol_self_get_instance_info` web services in Moodle do not consider the `moodle/course:viewhiddencourses` capability, which allows remote authenticated users to obtain sensitive information via a web-service request.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52072
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52072
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176502.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176502.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176436.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176436.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0724
reference_id
reference_type
scores
0
value 0.00578
scoring_system epss
scoring_elements 0.69204
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0724
4
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
5
reference_url https://github.com/moodle/moodle/commit/4323a973d57a41e19e039a850ad71ebcabae73c1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4323a973d57a41e19e039a850ad71ebcabae73c1
6
reference_url https://moodle.org/mod/forum/discuss.php?d=326205
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=326205
7
reference_url https://web.archive.org/web/20210622172957/http://www.securitytracker.com/id/1034694
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210622172957/http://www.securitytracker.com/id/1034694
8
reference_url http://www.openwall.com/lists/oss-security/2016/01/18/1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/01/18/1
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0724
reference_id CVE-2016-0724
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0724
10
reference_url https://github.com/advisories/GHSA-hjrj-7wcj-7j3c
reference_id GHSA-hjrj-7wcj-7j3c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hjrj-7wcj-7j3c
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.12
purl pkg:composer/moodle/moodle@2.7.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-y8up-cqtu-jkdw
35
vulnerability VCID-yghg-775s-vber
36
vulnerability VCID-zjrq-np3y-hua5
37
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.12
1
url pkg:composer/moodle/moodle@2.8.10
purl pkg:composer/moodle/moodle@2.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-an53-nu91-k3d7
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eaqp-7abt-6kg9
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fsex-f512-pudv
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-w9ca-exua-g7ar
29
vulnerability VCID-x7rg-rsb5-pya7
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.10
2
url pkg:composer/moodle/moodle@2.9.4
purl pkg:composer/moodle/moodle@2.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-4kq5-ctsv-eka8
3
vulnerability VCID-65y9-9ur2-pugc
4
vulnerability VCID-83kb-4mk9-t7ge
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-ajkr-fxa1-mkhk
7
vulnerability VCID-an53-nu91-k3d7
8
vulnerability VCID-bjnq-q2nd-1khp
9
vulnerability VCID-duna-st9c-mqbk
10
vulnerability VCID-eaqp-7abt-6kg9
11
vulnerability VCID-eu27-a3px-87ed
12
vulnerability VCID-fsex-f512-pudv
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-kgvw-uxf4-wbc1
18
vulnerability VCID-m3np-aebb-8qaa
19
vulnerability VCID-m4zv-e3dn-budf
20
vulnerability VCID-mkfz-e1ft-2bcw
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-qhv1-wgpm-7fh6
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s3ue-e5h8-f3dy
25
vulnerability VCID-s6uu-335k-yfbc
26
vulnerability VCID-vb67-yux5-ayhf
27
vulnerability VCID-vfp6-4h8n-bkax
28
vulnerability VCID-w9ca-exua-g7ar
29
vulnerability VCID-x7rg-rsb5-pya7
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.4
3
url pkg:composer/moodle/moodle@3.0.2
purl pkg:composer/moodle/moodle@3.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-9nd7-4wve-97hc
8
vulnerability VCID-a6pb-47tu-afcg
9
vulnerability VCID-ajkr-fxa1-mkhk
10
vulnerability VCID-an53-nu91-k3d7
11
vulnerability VCID-bjnq-q2nd-1khp
12
vulnerability VCID-dhku-uah4-ykh8
13
vulnerability VCID-duna-st9c-mqbk
14
vulnerability VCID-eaqp-7abt-6kg9
15
vulnerability VCID-eu27-a3px-87ed
16
vulnerability VCID-fsex-f512-pudv
17
vulnerability VCID-jcq6-btgz-fkf6
18
vulnerability VCID-k1bh-ymgt-e7cd
19
vulnerability VCID-k6pw-51st-b3d2
20
vulnerability VCID-k73h-z6j8-gkgz
21
vulnerability VCID-kgvw-uxf4-wbc1
22
vulnerability VCID-m3np-aebb-8qaa
23
vulnerability VCID-m4zv-e3dn-budf
24
vulnerability VCID-mkfz-e1ft-2bcw
25
vulnerability VCID-nntc-dsz1-e3fp
26
vulnerability VCID-qhv1-wgpm-7fh6
27
vulnerability VCID-r6kn-b963-eqge
28
vulnerability VCID-s3ue-e5h8-f3dy
29
vulnerability VCID-s6uu-335k-yfbc
30
vulnerability VCID-vb67-yux5-ayhf
31
vulnerability VCID-vfp6-4h8n-bkax
32
vulnerability VCID-vtq4-fpr8-hudb
33
vulnerability VCID-w9ca-exua-g7ar
34
vulnerability VCID-x7rg-rsb5-pya7
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zgzm-wj81-jkah
38
vulnerability VCID-zjrq-np3y-hua5
39
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.2
aliases CVE-2016-0724, GHSA-hjrj-7wcj-7j3c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xmm4-zw49-3feh
35
url VCID-y8up-cqtu-jkdw
vulnerability_id VCID-y8up-cqtu-jkdw
summary 
Cross-site Scripting
Persistent XSS in `/course/modedit.php` of Moodle allows authenticated users (Teacher) to inject JavaScript into the session of another user (e.g., enrolled student or site administrator) via the `introeditor[text]` parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18210
reference_id
reference_type
scores
0
value 0.0044
scoring_system epss
scoring_elements 0.63483
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18210
1
reference_url https://docs.moodle.org/38/en/Teacher_role
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.moodle.org/38/en/Teacher_role
2
reference_url https://gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18210
reference_id CVE-2019-18210
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18210
5
reference_url https://github.com/advisories/GHSA-q6vw-27c6-jv9c
reference_id GHSA-q6vw-27c6-jv9c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q6vw-27c6-jv9c
fixed_packages
0
url pkg:composer/moodle/moodle@3.7.3
purl pkg:composer/moodle/moodle@3.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3cb4-wz6x-ckcd
1
vulnerability VCID-3uvf-6ztd-xkaf
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-c14d-1sa2-rkf6
6
vulnerability VCID-c1a1-z5m1-nfbc
7
vulnerability VCID-fskk-cb95-uqer
8
vulnerability VCID-hhzz-hbqz-akfw
9
vulnerability VCID-jcq6-btgz-fkf6
10
vulnerability VCID-jcsq-3q5z-4kc6
11
vulnerability VCID-kgva-z9gg-u3dw
12
vulnerability VCID-paj4-nq1r-jbd3
13
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.3
aliases CVE-2019-18210, GHSA-q6vw-27c6-jv9c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8up-cqtu-jkdw
36
url VCID-yghg-775s-vber
vulnerability_id VCID-yghg-775s-vber
summary 
Server-Side Request Forgery (SSRF)
Moodle has Server Side Request Forgery in the `filepicker`.
references
0
reference_url http://packetstormsecurity.com/files/153766/Moodle-Filepicker-3.5.2-Server-Side-Request-Forgery.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/153766/Moodle-Filepicker-3.5.2-Server-Side-Request-Forgery.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1042
reference_id
reference_type
scores
0
value 0.12866
scoring_system epss
scoring_elements 0.94175
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1042
2
reference_url https://github.com/moodle/moodle/commit/f1d1a60e0ac8549c08e66062f3cd0110e4a92e24
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/f1d1a60e0ac8549c08e66062f3cd0110e4a92e24
3
reference_url https://moodle.org/mod/forum/discuss.php?d=364381
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=364381
4
reference_url https://web.archive.org/web/20210124134113/http://www.securityfocus.com/bid/102752
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124134113/http://www.securityfocus.com/bid/102752
5
reference_url http://www.securityfocus.com/bid/102752
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102752
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47177.txt
reference_id CVE-2018-1042
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47177.txt
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1042
reference_id CVE-2018-1042
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1042
fixed_packages
0
url pkg:composer/moodle/moodle@3.1.10
purl pkg:composer/moodle/moodle@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-9t4u-n1pn-w3bd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-b7br-bh2d-rygp
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-ckg1-9vpt-yfdk
9
vulnerability VCID-deur-8zdf-2kh2
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fegs-ubsk-63hu
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-nntc-dsz1-e3fp
19
vulnerability VCID-p2gd-7uam-mqf8
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qxsq-ku22-r7gx
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-y8up-cqtu-jkdw
28
vulnerability VCID-zjrq-np3y-hua5
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10
1
url pkg:composer/moodle/moodle@3.2.7
purl pkg:composer/moodle/moodle@3.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-b7br-bh2d-rygp
3
vulnerability VCID-ckg1-9vpt-yfdk
4
vulnerability VCID-eu27-a3px-87ed
5
vulnerability VCID-fegs-ubsk-63hu
6
vulnerability VCID-g8ct-c4ce-zuaf
7
vulnerability VCID-jcq6-btgz-fkf6
8
vulnerability VCID-m3np-aebb-8qaa
9
vulnerability VCID-m4zv-e3dn-budf
10
vulnerability VCID-mkfz-e1ft-2bcw
11
vulnerability VCID-nntc-dsz1-e3fp
12
vulnerability VCID-p2gd-7uam-mqf8
13
vulnerability VCID-qhv1-wgpm-7fh6
14
vulnerability VCID-w9ca-exua-g7ar
15
vulnerability VCID-x7rg-rsb5-pya7
16
vulnerability VCID-y8up-cqtu-jkdw
17
vulnerability VCID-zjrq-np3y-hua5
18
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7
2
url pkg:composer/moodle/moodle@3.3.4
purl pkg:composer/moodle/moodle@3.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-4rz2-b4e3-87g5
2
vulnerability VCID-8mgr-gdzj-4ybs
3
vulnerability VCID-a6pb-47tu-afcg
4
vulnerability VCID-b7br-bh2d-rygp
5
vulnerability VCID-bjnq-q2nd-1khp
6
vulnerability VCID-ckg1-9vpt-yfdk
7
vulnerability VCID-eu27-a3px-87ed
8
vulnerability VCID-fegs-ubsk-63hu
9
vulnerability VCID-fygy-9njn-abgd
10
vulnerability VCID-g8ct-c4ce-zuaf
11
vulnerability VCID-jcq6-btgz-fkf6
12
vulnerability VCID-m3np-aebb-8qaa
13
vulnerability VCID-m4zv-e3dn-budf
14
vulnerability VCID-mkfz-e1ft-2bcw
15
vulnerability VCID-mmg3-7fz9-5uak
16
vulnerability VCID-nntc-dsz1-e3fp
17
vulnerability VCID-p2gd-7uam-mqf8
18
vulnerability VCID-qhv1-wgpm-7fh6
19
vulnerability VCID-vfp6-4h8n-bkax
20
vulnerability VCID-w9ca-exua-g7ar
21
vulnerability VCID-x7rg-rsb5-pya7
22
vulnerability VCID-x9vd-njdz-jua9
23
vulnerability VCID-y8up-cqtu-jkdw
24
vulnerability VCID-zjrq-np3y-hua5
25
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4
3
url pkg:composer/moodle/moodle@3.4.1
purl pkg:composer/moodle/moodle@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-336n-hpzg-euhd
2
vulnerability VCID-4rz2-b4e3-87g5
3
vulnerability VCID-8mgr-gdzj-4ybs
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-b7br-bh2d-rygp
6
vulnerability VCID-bjnq-q2nd-1khp
7
vulnerability VCID-ckg1-9vpt-yfdk
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-eu27-a3px-87ed
10
vulnerability VCID-fegs-ubsk-63hu
11
vulnerability VCID-fygy-9njn-abgd
12
vulnerability VCID-g8ct-c4ce-zuaf
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k73h-z6j8-gkgz
15
vulnerability VCID-m3np-aebb-8qaa
16
vulnerability VCID-m4zv-e3dn-budf
17
vulnerability VCID-mkfz-e1ft-2bcw
18
vulnerability VCID-mmg3-7fz9-5uak
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-p2gd-7uam-mqf8
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-qxsq-ku22-r7gx
23
vulnerability VCID-r6kn-b963-eqge
24
vulnerability VCID-s6uu-335k-yfbc
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-x9vd-njdz-jua9
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1
aliases CVE-2018-1042, GHSA-qqjv-mc2v-p7mc
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yghg-775s-vber
37
url VCID-zjrq-np3y-hua5
vulnerability_id VCID-zjrq-np3y-hua5
summary 
Information Exposure
Permissions were not correctly checked before loading event information into the calendar's edit event modal popup, so logged in non-guest users could view unauthorised calendar events.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3848
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.32374
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3848
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3848
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3848
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://moodle.org/mod/forum/discuss.php?d=384011#p1547743
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=384011#p1547743
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3848
reference_id CVE-2019-3848
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-3848
5
reference_url https://github.com/advisories/GHSA-45rw-4r25-jvg7
reference_id GHSA-45rw-4r25-jvg7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-45rw-4r25-jvg7
fixed_packages
0
url pkg:composer/moodle/moodle@3.4.8
purl pkg:composer/moodle/moodle@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-jcq6-btgz-fkf6
5
vulnerability VCID-m3np-aebb-8qaa
6
vulnerability VCID-mkfz-e1ft-2bcw
7
vulnerability VCID-nntc-dsz1-e3fp
8
vulnerability VCID-qxsq-ku22-r7gx
9
vulnerability VCID-w9ca-exua-g7ar
10
vulnerability VCID-x7rg-rsb5-pya7
11
vulnerability VCID-y8up-cqtu-jkdw
12
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.8
1
url pkg:composer/moodle/moodle@3.5.5
purl pkg:composer/moodle/moodle@3.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-3cb4-wz6x-ckcd
2
vulnerability VCID-42fa-qbft-rfff
3
vulnerability VCID-56wj-4124-ryd2
4
vulnerability VCID-6m19-4krm-2udd
5
vulnerability VCID-a6pb-47tu-afcg
6
vulnerability VCID-bbj9-hpz3-xqhh
7
vulnerability VCID-c1a1-z5m1-nfbc
8
vulnerability VCID-deur-8zdf-2kh2
9
vulnerability VCID-dpd2-1sqc-qqfy
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fskk-cb95-uqer
12
vulnerability VCID-gnez-ehgq-rfbr
13
vulnerability VCID-hhzz-hbqz-akfw
14
vulnerability VCID-jcq6-btgz-fkf6
15
vulnerability VCID-jcsq-3q5z-4kc6
16
vulnerability VCID-kgva-z9gg-u3dw
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-mhm4-8kuk-t7b6
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-mqde-66zm-qbbj
21
vulnerability VCID-nntc-dsz1-e3fp
22
vulnerability VCID-paj4-nq1r-jbd3
23
vulnerability VCID-pgfa-bkaw-q7cq
24
vulnerability VCID-qxsq-ku22-r7gx
25
vulnerability VCID-w2b2-fuky-j3ff
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5
2
url pkg:composer/moodle/moodle@3.6.3
purl pkg:composer/moodle/moodle@3.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-a6pb-47tu-afcg
2
vulnerability VCID-deur-8zdf-2kh2
3
vulnerability VCID-eu27-a3px-87ed
4
vulnerability VCID-hhzz-hbqz-akfw
5
vulnerability VCID-jcq6-btgz-fkf6
6
vulnerability VCID-kgva-z9gg-u3dw
7
vulnerability VCID-m3np-aebb-8qaa
8
vulnerability VCID-n5tc-1k33-dfeq
9
vulnerability VCID-paj4-nq1r-jbd3
10
vulnerability VCID-qxsq-ku22-r7gx
11
vulnerability VCID-w2b2-fuky-j3ff
12
vulnerability VCID-w9ca-exua-g7ar
13
vulnerability VCID-x7rg-rsb5-pya7
14
vulnerability VCID-y8up-cqtu-jkdw
15
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3
aliases CVE-2019-3848, GHSA-45rw-4r25-jvg7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zjrq-np3y-hua5
38
url VCID-zwkk-zazw-6fgg
vulnerability_id VCID-zwkk-zazw-6fgg
summary 
Improper Validation of Integrity Check Value
It was found in Moodle that a insufficient capability checks in some grade related web services meant students were able to view other students grades.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20184
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.34896
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20184
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=417167
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=417167
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20184
reference_id CVE-2021-20184
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20184
4
reference_url https://github.com/advisories/GHSA-mm73-86f9-5x5c
reference_id GHSA-mm73-86f9-5x5c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mm73-86f9-5x5c
fixed_packages
0
url pkg:composer/moodle/moodle@3.8.7
purl pkg:composer/moodle/moodle@3.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7
1
url pkg:composer/moodle/moodle@3.9.4
purl pkg:composer/moodle/moodle@3.9.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-dpd2-1sqc-qqfy
2
vulnerability VCID-gnez-ehgq-rfbr
3
vulnerability VCID-jcq6-btgz-fkf6
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4
2
url pkg:composer/moodle/moodle@3.10.1
purl pkg:composer/moodle/moodle@3.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbj9-hpz3-xqhh
1
vulnerability VCID-bu6d-ns3s-fuck
2
vulnerability VCID-dpd2-1sqc-qqfy
3
vulnerability VCID-gnez-ehgq-rfbr
4
vulnerability VCID-mqde-66zm-qbbj
5
vulnerability VCID-pgfa-bkaw-q7cq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1
aliases CVE-2021-20184, GHSA-mm73-86f9-5x5c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwkk-zazw-6fgg
Fixing_vulnerabilities
0
url VCID-1rar-m2g3-27ag
vulnerability_id VCID-1rar-m2g3-27ag
summary 
Exposure of Sensitive Information to an Unauthorized Actor
mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 sets a certain group ID to zero upon a database-entry change, which allows remote authenticated users to obtain sensitive information by accessing the database after an edit by a teacher.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47697
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47697
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7833
reference_id
reference_type
scores
0
value 0.00273
scoring_system epss
scoring_elements 0.50932
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7833
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/2c639e85a32aaef4a9978e5ca139fb74ca5d6ae4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/2c639e85a32aaef4a9978e5ca139fb74ca5d6ae4
5
reference_url https://github.com/moodle/moodle/commit/3e312a16f48dd8e8b230cb71e64295ee54992f80
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3e312a16f48dd8e8b230cb71e64295ee54992f80
6
reference_url https://github.com/moodle/moodle/commit/c4a6c65c1bd8536484a9e53e62d3867081dedd6b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/c4a6c65c1bd8536484a9e53e62d3867081dedd6b
7
reference_url https://github.com/moodle/moodle/commit/cc375a22b95b2e0f927a21ffd97c06f2276d8c14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/cc375a22b95b2e0f927a21ffd97c06f2276d8c14
8
reference_url https://moodle.org/mod/forum/discuss.php?d=275155
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275155
9
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7833
reference_id CVE-2014-7833
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7833
11
reference_url https://github.com/advisories/GHSA-jq7x-gm9r-v8m7
reference_id GHSA-jq7x-gm9r-v8m7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jq7x-gm9r-v8m7
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7833, GHSA-jq7x-gm9r-v8m7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1rar-m2g3-27ag
1
url VCID-29yj-e9bd-queq
vulnerability_id VCID-29yj-e9bd-queq
summary 
Moodle allows attackers to remove wiki pages
mod/wiki/admin.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to remove wiki pages by leveraging delete access within a different subwiki.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47949
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47949
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7837
reference_id
reference_type
scores
0
value 0.00606
scoring_system epss
scoring_elements 0.70046
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7837
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/a481e32f02cdabd2b76aaa06d1d513ffe480e71b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a481e32f02cdabd2b76aaa06d1d513ffe480e71b
5
reference_url https://github.com/moodle/moodle/commit/a866ad40beb1c1d7faca2da9c3cbad2dcf6fa32b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a866ad40beb1c1d7faca2da9c3cbad2dcf6fa32b
6
reference_url https://github.com/moodle/moodle/commit/dc003ed98e47174a2a4c349f187265a383a386c0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/dc003ed98e47174a2a4c349f187265a383a386c0
7
reference_url https://github.com/moodle/moodle/commit/e2a8ac6b1103167d6786cb1801703c2c0f8467ca
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/e2a8ac6b1103167d6786cb1801703c2c0f8467ca
8
reference_url https://moodle.org/mod/forum/discuss.php?d=275163
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275163
9
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7837
reference_id CVE-2014-7837
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7837
11
reference_url https://github.com/advisories/GHSA-p3hj-cfhm-7g6v
reference_id GHSA-p3hj-cfhm-7g6v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p3hj-cfhm-7g6v
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7837, GHSA-p3hj-cfhm-7g6v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29yj-e9bd-queq
2
url VCID-3xwm-hqap-8bct
vulnerability_id VCID-3xwm-hqap-8bct
summary 
Exposure of Sensitive Information to an Unauthorized Actor
lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47287
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47287
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7848
reference_id
reference_type
scores
0
value 0.00388
scoring_system epss
scoring_elements 0.60228
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7848
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/0baf9763636aa4158a45ef2b539d2df0aa0bbd53
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/0baf9763636aa4158a45ef2b539d2df0aa0bbd53
5
reference_url https://github.com/moodle/moodle/commit/1993cc02b6b05f45ff1776813567c6b3f91480f4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/1993cc02b6b05f45ff1776813567c6b3f91480f4
6
reference_url https://github.com/moodle/moodle/commit/84baa6b1417328ef7e4085d0112acc57167d15e4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/84baa6b1417328ef7e4085d0112acc57167d15e4
7
reference_url https://moodle.org/mod/forum/discuss.php?d=275160
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275160
8
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7848
reference_id CVE-2014-7848
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7848
10
reference_url https://github.com/advisories/GHSA-47cw-whh9-j2fq
reference_id GHSA-47cw-whh9-j2fq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-47cw-whh9-j2fq
fixed_packages
0
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
1
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7848, GHSA-47cw-whh9-j2fq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3xwm-hqap-8bct
3
url VCID-5c29-qn3p-3yde
vulnerability_id VCID-5c29-qn3p-3yde
summary 
Moodle does not consider the moodle/tag:edit capability before adding a tag
tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47965
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47965
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7846
reference_id
reference_type
scores
0
value 0.00243
scoring_system epss
scoring_elements 0.47692
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7846
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/1d9e0857f8bd9f21d25886f77cc13120f9d6be08
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/1d9e0857f8bd9f21d25886f77cc13120f9d6be08
5
reference_url https://github.com/moodle/moodle/commit/932694ca59413ce8a0546b8bfb97e07e3b4cf17b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/932694ca59413ce8a0546b8bfb97e07e3b4cf17b
6
reference_url https://github.com/moodle/moodle/commit/bb69623c5c0754467f01f916f94446e1caddb6a8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/bb69623c5c0754467f01f916f94446e1caddb6a8
7
reference_url https://moodle.org/mod/forum/discuss.php?d=275157
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275157
8
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7846
reference_id CVE-2014-7846
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7846
10
reference_url https://github.com/advisories/GHSA-468q-9cmp-76wc
reference_id GHSA-468q-9cmp-76wc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-468q-9cmp-76wc
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7846, GHSA-468q-9cmp-76wc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5c29-qn3p-3yde
4
url VCID-8q4n-d565-kfbn
vulnerability_id VCID-8q4n-d565-kfbn
summary 
Cross-Site Request Forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for requests that set a tracking preference within (1) mod/forum/deprecatedlib.php, (2) mod/forum/forum.js, (3) mod/forum/index.php, or (4) mod/forum/lib.php.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48019
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48019
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7838
reference_id
reference_type
scores
0
value 0.00173
scoring_system epss
scoring_elements 0.3846
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7838
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/545eb1bcfdbfc352bf6c31edf440485ba6d5af42
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/545eb1bcfdbfc352bf6c31edf440485ba6d5af42
5
reference_url https://github.com/moodle/moodle/commit/7a311adbba9471edb5a49e4c4b8c356c87f0e44b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/7a311adbba9471edb5a49e4c4b8c356c87f0e44b
6
reference_url https://github.com/moodle/moodle/commit/bef4a5e01739f2b239c0910b9e1aa2841b979f7d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/bef4a5e01739f2b239c0910b9e1aa2841b979f7d
7
reference_url https://github.com/moodle/moodle/commit/c812956efda7d10dfdce5ae19c0ec8879de38a31
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/c812956efda7d10dfdce5ae19c0ec8879de38a31
8
reference_url https://moodle.org/mod/forum/discuss.php?d=275164
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275164
9
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7838
reference_id CVE-2014-7838
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7838
11
reference_url https://github.com/advisories/GHSA-43r4-vm25-qm78
reference_id GHSA-43r4-vm25-qm78
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-43r4-vm25-qm78
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7838, GHSA-43r4-vm25-qm78
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8q4n-d565-kfbn
5
url VCID-bfmx-cwap-8yhp
vulnerability_id VCID-bfmx-cwap-8yhp
summary 
Moodle allows attackers to cause a denial of service
iplookup/index.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote attackers to cause a denial of service (resource consumption) by triggering the calculation of an estimated latitude and longitude for an IP address.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47321
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47321
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7847
reference_id
reference_type
scores
0
value 0.00734
scoring_system epss
scoring_elements 0.73123
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7847
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/324b018bbce2f56198fe8808968bad6c8798710a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/324b018bbce2f56198fe8808968bad6c8798710a
5
reference_url https://github.com/moodle/moodle/commit/35a60cbb382d78ddb9d54c772816db4c5007ca7e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/35a60cbb382d78ddb9d54c772816db4c5007ca7e
6
reference_url https://github.com/moodle/moodle/commit/6ec47a64acf8576916c20dcbb436b0ae41a63440
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/6ec47a64acf8576916c20dcbb436b0ae41a63440
7
reference_url https://github.com/moodle/moodle/commit/eb46bf2f4e80f4421255f6aee00b73448ba582a7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/eb46bf2f4e80f4421255f6aee00b73448ba582a7
8
reference_url https://moodle.org/mod/forum/discuss.php?d=275158
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275158
9
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7847
reference_id CVE-2014-7847
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7847
11
reference_url https://github.com/advisories/GHSA-6vjg-2q57-rgfw
reference_id GHSA-6vjg-2q57-rgfw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6vjg-2q57-rgfw
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7847, GHSA-6vjg-2q57-rgfw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bfmx-cwap-8yhp
6
url VCID-fumj-9pun-zfc5
vulnerability_id VCID-fumj-9pun-zfc5
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not ensure that a file upload is for a private or draft area, which allows remote authenticated users to upload files containing JavaScript, and consequently conduct cross-site scripting (XSS) attacks, by specifying the profile-picture area.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7835
reference_id
reference_type
scores
0
value 0.0018
scoring_system epss
scoring_elements 0.3931
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7835
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/2f87351d5480f562d6811cdf3bea032612e0325e
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/2f87351d5480f562d6811cdf3bea032612e0325e
5
reference_url https://github.com/moodle/moodle/commit/76ae1f6068f63149acc2d8c362af94067f4a227d
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/76ae1f6068f63149acc2d8c362af94067f4a227d
6
reference_url https://github.com/moodle/moodle/commit/ea1fbc00285514242d620ea017e187eb139deedb
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ea1fbc00285514242d620ea017e187eb139deedb
7
reference_url https://moodle.org/mod/forum/discuss.php?d=275161
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275161
8
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7835
reference_id CVE-2014-7835
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7835
10
reference_url https://github.com/advisories/GHSA-vrf6-q7qj-69v5
reference_id GHSA-vrf6-q7qj-69v5
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vrf6-q7qj-69v5
fixed_packages
0
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
1
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7835, GHSA-vrf6-q7qj-69v5
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fumj-9pun-zfc5
7
url VCID-krn6-pwk5-ake2
vulnerability_id VCID-krn6-pwk5-ake2
summary 
Improper Input Validation
The LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not properly restrict the parameters used in a return URL, which allows remote attackers to trigger the generation of arbitrary messages via a modified URL, related to mod/lti/locallib.php and mod/lti/return.php.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47927
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47927
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9060
reference_id
reference_type
scores
0
value 0.00388
scoring_system epss
scoring_elements 0.60228
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9060
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/15bde5352bd4bdb54105c0fdfd956c9ca420e4c6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/15bde5352bd4bdb54105c0fdfd956c9ca420e4c6
5
reference_url https://github.com/moodle/moodle/commit/339c6eca3c881742178637cb41cc7ebbe4a3b6b0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/339c6eca3c881742178637cb41cc7ebbe4a3b6b0
6
reference_url https://github.com/moodle/moodle/commit/44e712e9b72a30c6bc01112040854e91f5758605
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/44e712e9b72a30c6bc01112040854e91f5758605
7
reference_url https://github.com/moodle/moodle/commit/edc89dfecb3f6891cea019baf2aecce51b3de41a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/edc89dfecb3f6891cea019baf2aecce51b3de41a
8
reference_url https://moodle.org/mod/forum/discuss.php?d=275165
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275165
9
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-9060
reference_id CVE-2014-9060
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-9060
11
reference_url https://github.com/advisories/GHSA-c87j-9rrq-h3j8
reference_id GHSA-c87j-9rrq-h3j8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c87j-9rrq-h3j8
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-9060, GHSA-c87j-9rrq-h3j8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-krn6-pwk5-ake2
8
url VCID-kzwd-2e6n-fkbm
vulnerability_id VCID-kzwd-2e6n-fkbm
summary 
Cross-Site Request Forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for a (1) mod/lti/request_tool.php or (2) mod/lti/instructor_edit_tool_type.php request.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47924
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47924
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7836
reference_id
reference_type
scores
0
value 0.00173
scoring_system epss
scoring_elements 0.3846
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7836
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/48ea41c48f3dcf28fb40fe0b0a1f0c4c0453d34d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/48ea41c48f3dcf28fb40fe0b0a1f0c4c0453d34d
5
reference_url https://github.com/moodle/moodle/commit/75d7e25198eeb6255963e2e46212d89b14e05dd7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/75d7e25198eeb6255963e2e46212d89b14e05dd7
6
reference_url https://github.com/moodle/moodle/commit/babaf596e10ee525e58314b36f8063c65b59aa7d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/babaf596e10ee525e58314b36f8063c65b59aa7d
7
reference_url https://github.com/moodle/moodle/commit/bac38b11ab95862a831c6e6e60c03caf64eda599
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/bac38b11ab95862a831c6e6e60c03caf64eda599
8
reference_url https://moodle.org/mod/forum/discuss.php?d=275162
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275162
9
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7836
reference_id CVE-2014-7836
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7836
11
reference_url https://github.com/advisories/GHSA-wpq5-q3mj-8f3r
reference_id GHSA-wpq5-q3mj-8f3r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wpq5-q3mj-8f3r
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7836, GHSA-wpq5-q3mj-8f3r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzwd-2e6n-fkbm
9
url VCID-rdfn-52p2-afa7
vulnerability_id VCID-rdfn-52p2-afa7
summary 
Moodle Temporary Passwords are Brute Force-able
The generate_password function in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide a sufficient number of possible temporary passwords, which allows remote attackers to obtain access via a brute-force attack.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47050
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47050
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7845
reference_id
reference_type
scores
0
value 0.00712
scoring_system epss
scoring_elements 0.72672
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7845
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/04f2e83ce76cf931e6614497c1a7cc6c8afb9454
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/04f2e83ce76cf931e6614497c1a7cc6c8afb9454
5
reference_url https://github.com/moodle/moodle/commit/3128901f99d41d9368e81ffc67f4bc0535221e02
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3128901f99d41d9368e81ffc67f4bc0535221e02
6
reference_url https://github.com/moodle/moodle/commit/40a04658232d898223462f84d8cd35510338acbe
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/40a04658232d898223462f84d8cd35510338acbe
7
reference_url https://github.com/moodle/moodle/commit/ece03f3b13c5eefa7bb008401b9414eed620eebc
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ece03f3b13c5eefa7bb008401b9414eed620eebc
8
reference_url https://moodle.org/mod/forum/discuss.php?d=275152
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275152
9
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7845
reference_id CVE-2014-7845
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7845
11
reference_url https://github.com/advisories/GHSA-9v64-447r-wch6
reference_id GHSA-9v64-447r-wch6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9v64-447r-wch6
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7845, GHSA-9v64-447r-wch6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdfn-52p2-afa7
10
url VCID-uvgt-7m5a-xkdc
vulnerability_id VCID-uvgt-7m5a-xkdc
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide charset information in HTTP headers, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 characters during interaction with AJAX scripts.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47966
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47966
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9059
reference_id
reference_type
scores
0
value 0.0032
scoring_system epss
scoring_elements 0.55344
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9059
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/0a0145c5e8041aadeff303a9f9984c86706b4e42
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/0a0145c5e8041aadeff303a9f9984c86706b4e42
4
reference_url https://github.com/moodle/moodle/commit/293e4bbcb71f0a801c2539ea051c58688314b23a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/293e4bbcb71f0a801c2539ea051c58688314b23a
5
reference_url https://github.com/moodle/moodle/commit/3c98b7a5ad1bb596a738e550fc3bf966d6415fe0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3c98b7a5ad1bb596a738e550fc3bf966d6415fe0
6
reference_url https://github.com/moodle/moodle/commit/ac6e453d11024bf6ad99ada1bfc641c6b91ebed6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ac6e453d11024bf6ad99ada1bfc641c6b91ebed6
7
reference_url https://moodle.org/mod/forum/discuss.php?d=275146
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275146
8
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
9
reference_url https://web.archive.org/web/20200229043651/http://www.securityfocus.com/bid/71133
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229043651/http://www.securityfocus.com/bid/71133
10
reference_url http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1031215
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-9059
reference_id CVE-2014-9059
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-9059
12
reference_url https://github.com/advisories/GHSA-crcq-pw8h-9xwf
reference_id GHSA-crcq-pw8h-9xwf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-crcq-pw8h-9xwf
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-9059, GHSA-crcq-pw8h-9xwf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uvgt-7m5a-xkdc
11
url VCID-v7zm-cw8w-6yf8
vulnerability_id VCID-v7zm-cw8w-6yf8
summary 
Moodle does not verify group permissions
mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45303
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45303
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7834
reference_id
reference_type
scores
0
value 0.0019
scoring_system epss
scoring_elements 0.40699
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7834
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/3aa9d93c7a78d14fa30e2afbfd8fa7e09bc9cb41
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3aa9d93c7a78d14fa30e2afbfd8fa7e09bc9cb41
5
reference_url https://github.com/moodle/moodle/commit/40afeb4044c9718bf175c347f0f9099a037ce9f0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/40afeb4044c9718bf175c347f0f9099a037ce9f0
6
reference_url https://github.com/moodle/moodle/commit/79eda0e9a0d15ba1d87187ec712f96abd62748c1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/79eda0e9a0d15ba1d87187ec712f96abd62748c1
7
reference_url https://moodle.org/mod/forum/discuss.php?d=275159
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275159
8
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7834
reference_id CVE-2014-7834
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7834
10
reference_url https://github.com/advisories/GHSA-557f-2hv4-7jjm
reference_id GHSA-557f-2hv4-7jjm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-557f-2hv4-7jjm
fixed_packages
0
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
1
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7834, GHSA-557f-2hv4-7jjm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7zm-cw8w-6yf8
12
url VCID-vda3-4fgr-gfbw
vulnerability_id VCID-vda3-4fgr-gfbw
summary 
Moodle allows attackers to bypass the mod/lti:view capability requirement
mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control at the course level rather than at the activity level, which allows remote authenticated users to bypass the mod/lti:view capability requirement by viewing an activity instance.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47921
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47921
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7832
reference_id
reference_type
scores
0
value 0.00243
scoring_system epss
scoring_elements 0.47692
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7832
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/263f78b8b804fe7dbcd6ffadcadad2c94a0093f7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/263f78b8b804fe7dbcd6ffadcadad2c94a0093f7
5
reference_url https://github.com/moodle/moodle/commit/8e34d8e85b971a01459797799c0696cfeaae9cc0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/8e34d8e85b971a01459797799c0696cfeaae9cc0
6
reference_url https://github.com/moodle/moodle/commit/c844af2569e972195db8bca683c1fdf2ddbc3a59
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/c844af2569e972195db8bca683c1fdf2ddbc3a59
7
reference_url https://github.com/moodle/moodle/commit/fe8430e0dc2a50ea8e03d709e95d1226631d0d52
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/fe8430e0dc2a50ea8e03d709e95d1226631d0d52
8
reference_url https://moodle.org/mod/forum/discuss.php?d=275154
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275154
9
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7832
reference_id CVE-2014-7832
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7832
11
reference_url https://github.com/advisories/GHSA-mphj-h2fc-62x3
reference_id GHSA-mphj-h2fc-62x3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mphj-h2fc-62x3
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7832, GHSA-mphj-h2fc-62x3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vda3-4fgr-gfbw
13
url VCID-wawr-t9dc-33fj
vulnerability_id VCID-wawr-t9dc-33fj
summary 
Exposure of Sensitive Information to an Unauthorized Actor
lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not consider the moodle/grade:viewhidden capability before displaying hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role to access the get_grades web service.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47766
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47766
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7831
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48705
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7831
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/3b8876f5ef2b5cde1e9de2599efd03d02bdaf7d8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3b8876f5ef2b5cde1e9de2599efd03d02bdaf7d8
5
reference_url https://moodle.org/mod/forum/discuss.php?d=275153
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275153
6
reference_url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150914064838/http://www.securitytracker.com/id/1031215
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7831
reference_id CVE-2014-7831
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7831
8
reference_url https://github.com/advisories/GHSA-59j6-8g7w-prf7
reference_id GHSA-59j6-8g7w-prf7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-59j6-8g7w-prf7
fixed_packages
0
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7831, GHSA-59j6-8g7w-prf7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wawr-t9dc-33fj
14
url VCID-xnmk-jah2-ufce
vulnerability_id VCID-xnmk-jah2-ufce
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse capability to provide a searchcourse parameter.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47865
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47865
1
reference_url http://openwall.com/lists/oss-security/2014/11/17/11
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/11/17/11
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7830
reference_id
reference_type
scores
0
value 0.00208
scoring_system epss
scoring_elements 0.43123
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7830
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/7bb6b84cfd308bad89dc0c3f95ad2fa55b7d25f8
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/7bb6b84cfd308bad89dc0c3f95ad2fa55b7d25f8
5
reference_url https://github.com/moodle/moodle/commit/8bf49b7377438a7f259750e2f076c612c0a5d84e
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/8bf49b7377438a7f259750e2f076c612c0a5d84e
6
reference_url https://github.com/moodle/moodle/commit/b7f75a9c05c65fb1d2f6391f5dd852f9e923a183
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/b7f75a9c05c65fb1d2f6391f5dd852f9e923a183
7
reference_url https://github.com/moodle/moodle/commit/c6b6e5decee4c452b8667f82d7c64f137b687d7c
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/c6b6e5decee4c452b8667f82d7c64f137b687d7c
8
reference_url https://moodle.org/mod/forum/discuss.php?d=275147
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=275147
9
reference_url https://web.archive.org/web/20200228175348/http://www.securityfocus.com/bid/71119
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228175348/http://www.securityfocus.com/bid/71119
10
reference_url http://www.securitytracker.com/id/1031215
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1031215
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7830
reference_id CVE-2014-7830
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7830
12
reference_url https://github.com/advisories/GHSA-j4mr-vc54-h5pc
reference_id GHSA-j4mr-vc54-h5pc
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j4mr-vc54-h5pc
fixed_packages
0
url pkg:composer/moodle/moodle@2.5.9
purl pkg:composer/moodle/moodle@2.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-hbky-xx53-vkct
13
vulnerability VCID-jcq6-btgz-fkf6
14
vulnerability VCID-k1bh-ymgt-e7cd
15
vulnerability VCID-k6pw-51st-b3d2
16
vulnerability VCID-k73h-z6j8-gkgz
17
vulnerability VCID-m3np-aebb-8qaa
18
vulnerability VCID-m4zv-e3dn-budf
19
vulnerability VCID-mkfz-e1ft-2bcw
20
vulnerability VCID-nntc-dsz1-e3fp
21
vulnerability VCID-qhv1-wgpm-7fh6
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-uptz-tj66-7yfk
25
vulnerability VCID-vb67-yux5-ayhf
26
vulnerability VCID-vfp6-4h8n-bkax
27
vulnerability VCID-w9ca-exua-g7ar
28
vulnerability VCID-x7rg-rsb5-pya7
29
vulnerability VCID-xmm4-zw49-3feh
30
vulnerability VCID-y8up-cqtu-jkdw
31
vulnerability VCID-yghg-775s-vber
32
vulnerability VCID-zjrq-np3y-hua5
33
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.9
1
url pkg:composer/moodle/moodle@2.6.6
purl pkg:composer/moodle/moodle@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-r6kn-b963-eqge
22
vulnerability VCID-s6uu-335k-yfbc
23
vulnerability VCID-vb67-yux5-ayhf
24
vulnerability VCID-vfp6-4h8n-bkax
25
vulnerability VCID-w9ca-exua-g7ar
26
vulnerability VCID-x7rg-rsb5-pya7
27
vulnerability VCID-xmm4-zw49-3feh
28
vulnerability VCID-y8up-cqtu-jkdw
29
vulnerability VCID-yghg-775s-vber
30
vulnerability VCID-zjrq-np3y-hua5
31
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.6
2
url pkg:composer/moodle/moodle@2.7.3
purl pkg:composer/moodle/moodle@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dxb-v1af-jbax
1
vulnerability VCID-2s6b-tp6p-gue1
2
vulnerability VCID-37pj-u3gh-n7fd
3
vulnerability VCID-4kq5-ctsv-eka8
4
vulnerability VCID-5rbf-4dz3-2qdz
5
vulnerability VCID-65y9-9ur2-pugc
6
vulnerability VCID-83kb-4mk9-t7ge
7
vulnerability VCID-a6pb-47tu-afcg
8
vulnerability VCID-ajkr-fxa1-mkhk
9
vulnerability VCID-an53-nu91-k3d7
10
vulnerability VCID-bjnq-q2nd-1khp
11
vulnerability VCID-dhku-uah4-ykh8
12
vulnerability VCID-duna-st9c-mqbk
13
vulnerability VCID-eaqp-7abt-6kg9
14
vulnerability VCID-eu27-a3px-87ed
15
vulnerability VCID-fsex-f512-pudv
16
vulnerability VCID-jcq6-btgz-fkf6
17
vulnerability VCID-k1bh-ymgt-e7cd
18
vulnerability VCID-k6pw-51st-b3d2
19
vulnerability VCID-k73h-z6j8-gkgz
20
vulnerability VCID-kgvw-uxf4-wbc1
21
vulnerability VCID-m3np-aebb-8qaa
22
vulnerability VCID-m4zv-e3dn-budf
23
vulnerability VCID-mkfz-e1ft-2bcw
24
vulnerability VCID-nntc-dsz1-e3fp
25
vulnerability VCID-qhv1-wgpm-7fh6
26
vulnerability VCID-r6kn-b963-eqge
27
vulnerability VCID-s3ue-e5h8-f3dy
28
vulnerability VCID-s6uu-335k-yfbc
29
vulnerability VCID-vb67-yux5-ayhf
30
vulnerability VCID-vfp6-4h8n-bkax
31
vulnerability VCID-vtq4-fpr8-hudb
32
vulnerability VCID-w9ca-exua-g7ar
33
vulnerability VCID-x7rg-rsb5-pya7
34
vulnerability VCID-xmm4-zw49-3feh
35
vulnerability VCID-y8up-cqtu-jkdw
36
vulnerability VCID-yghg-775s-vber
37
vulnerability VCID-zjrq-np3y-hua5
38
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3
aliases CVE-2014-7830, GHSA-j4mr-vc54-h5pc
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xnmk-jah2-ufce
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.3