VulnerableCode Package Details - pkg:composer/moodle/moodle@3.7.1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2s6b-tp6p-gue1	Cross-Site Request Forgery (CSRF) A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool.	CVE-2019-10186 GHSA-wv9c-pfpm-4wc5
VCID-eu27-a3px-87ed	Improper Access Control Teachers in an assignment group could modify group overrides for other groups in the same assignment.	CVE-2019-10189 GHSA-h7xp-7fjp-ghhc
VCID-w9ca-exua-g7ar	Improper Access Control Teachers in a quiz group could modify group overrides for other groups in the same quiz.	CVE-2019-10188 GHSA-92q5-2h76-vgmj
VCID-x7rg-rsb5-pya7	Improper Access Control Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to.	CVE-2019-10187 GHSA-2mg9-hv69-897x

Vulnerability

Summary

Aliases

VCID-2s6b-tp6p-gue1

Cross-Site Request Forgery (CSRF) A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool.

CVE-2019-10186
GHSA-wv9c-pfpm-4wc5

VCID-eu27-a3px-87ed

Improper Access Control Teachers in an assignment group could modify group overrides for other groups in the same assignment.

CVE-2019-10189
GHSA-h7xp-7fjp-ghhc

VCID-w9ca-exua-g7ar

Improper Access Control Teachers in a quiz group could modify group overrides for other groups in the same quiz.

CVE-2019-10188
GHSA-92q5-2h76-vgmj

VCID-x7rg-rsb5-pya7

Improper Access Control Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to.

CVE-2019-10187
GHSA-2mg9-hv69-897x

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T18:06:24.701488+00:00	GithubOSV Importer	Fixing	VCID-eu27-a3px-87ed	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-h7xp-7fjp-ghhc/GHSA-h7xp-7fjp-ghhc.json	38.6.0
2026-06-04T18:06:07.686268+00:00	GithubOSV Importer	Fixing	VCID-x7rg-rsb5-pya7	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-2mg9-hv69-897x/GHSA-2mg9-hv69-897x.json	38.6.0
2026-06-04T17:58:26.073194+00:00	GithubOSV Importer	Fixing	VCID-w9ca-exua-g7ar	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-92q5-2h76-vgmj/GHSA-92q5-2h76-vgmj.json	38.6.0
2026-06-04T17:55:57.413969+00:00	GithubOSV Importer	Fixing	VCID-2s6b-tp6p-gue1	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wv9c-pfpm-4wc5/GHSA-wv9c-pfpm-4wc5.json	38.6.0
2026-06-04T16:19:31.047368+00:00	GitLab Importer	Fixing	VCID-x7rg-rsb5-pya7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2019-10187.yml	38.6.0
2026-06-04T16:19:31.002739+00:00	GitLab Importer	Fixing	VCID-eu27-a3px-87ed	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2019-10189.yml	38.6.0
2026-06-04T16:19:30.958356+00:00	GitLab Importer	Fixing	VCID-2s6b-tp6p-gue1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2019-10186.yml	38.6.0
2026-06-04T16:19:30.912018+00:00	GitLab Importer	Fixing	VCID-w9ca-exua-g7ar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2019-10188.yml	38.6.0