{"url":"http://public2.vulnerablecode.io/api/packages/61518?format=json","purl":"pkg:composer/moodle/moodle@2.0.0","type":"composer","namespace":"moodle","name":"moodle","version":"2.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.5.17","latest_non_vulnerable_version":"5.1.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43494?format=json","vulnerability_id":"VCID-41jn-p8ef-pqbg","summary":"Moodle allows remote attackers to obtain sensitive information from myprofile block by visiting user-context page\nMoodle 2.0.x before 2.0.2 allows remote attackers to obtain sensitive information from a myprofile (aka My profile) block by visiting a user-context page.","references":[{"reference_url":"http://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=0ab727fb35e5ae1d8316d96c6752ee9ebec4c185","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=0ab727fb35e5ae1d8316d96c6752ee9ebec4c185"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=0ab727fb35e5ae1d8316d96c6752ee9ebec4c185","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=0ab727fb35e5ae1d8316d96c6752ee9ebec4c185"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=170010","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=170010"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4284","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51911","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4284"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4284","reference_id":"CVE-2011-4284","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4284"},{"reference_url":"https://github.com/advisories/GHSA-mw6p-49jf-9935","reference_id":"GHSA-mw6p-49jf-9935","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mw6p-49jf-9935"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62050?format=json","purl":"pkg:composer/moodle/moodle@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.2"}],"aliases":["CVE-2011-4284","GHSA-mw6p-49jf-9935"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41jn-p8ef-pqbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43504?format=json","vulnerability_id":"VCID-41up-e414-hyba","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in the File Picker module in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted filename.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37507","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37507"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html"},{"reference_url":"http://openwall.com/lists/oss-security/2013/03/25/2","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2013/03/25/2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1833","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43123","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1833"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/75822af579ec07cca1c6781a7c989625dcdd5463","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/75822af579ec07cca1c6781a7c989625dcdd5463"},{"reference_url":"https://github.com/moodle/moodle/commit/93e9ea9989ec6e91153d9651c9a4bc7dac1cf9ce","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/93e9ea9989ec6e91153d9651c9a4bc7dac1cf9ce"},{"reference_url":"https://github.com/moodle/moodle/commit/954b35451112c333c0ae77dff25dafbf41587c26","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/954b35451112c333c0ae77dff25dafbf41587c26"},{"reference_url":"https://github.com/moodle/moodle/commit/ca2a7956b2957d8495e154409694d205bb4ae3ef","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/ca2a7956b2957d8495e154409694d205bb4ae3ef"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=225344","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=225344"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1833","reference_id":"CVE-2013-1833","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1833"},{"reference_url":"https://github.com/advisories/GHSA-89f3-74m6-g27g","reference_id":"GHSA-89f3-74m6-g27g","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-89f3-74m6-g27g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62387?format=json","purl":"pkg:composer/moodle/moodle@2.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsp-tbwq-1qhf"},{"vulnerability":"VCID-b2tv-8q9g-qqfz"},{"vulnerability":"VCID-vgxb-fkuj-9fgk"},{"vulnerability":"VCID-y15n-cf9z-dyc4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/62388?format=json","purl":"pkg:composer/moodle/moodle@2.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/62389?format=json","purl":"pkg:composer/moodle/moodle@2.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2s6b-tp6p-gue1"},{"vulnerability":"VCID-37pj-u3gh-n7fd"},{"vulnerability":"VCID-65y9-9ur2-pugc"},{"vulnerability":"VCID-83kb-4mk9-t7ge"},{"vulnerability":"VCID-a6pb-47tu-afcg"},{"vulnerability":"VCID-ajkr-fxa1-mkhk"},{"vulnerability":"VCID-an53-nu91-k3d7"},{"vulnerability":"VCID-bjnq-q2nd-1khp"},{"vulnerability":"VCID-duna-st9c-mqbk"},{"vulnerability":"VCID-eaqp-7abt-6kg9"},{"vulnerability":"VCID-eu27-a3px-87ed"},{"vulnerability":"VCID-fsex-f512-pudv"},{"vulnerability":"VCID-jcq6-btgz-fkf6"},{"vulnerability":"VCID-k1bh-ymgt-e7cd"},{"vulnerability":"VCID-k6pw-51st-b3d2"},{"vulnerability":"VCID-k73h-z6j8-gkgz"},{"vulnerability":"VCID-m3np-aebb-8qaa"},{"vulnerability":"VCID-m4zv-e3dn-budf"},{"vulnerability":"VCID-mkfz-e1ft-2bcw"},{"vulnerability":"VCID-nntc-dsz1-e3fp"},{"vulnerability":"VCID-qhv1-wgpm-7fh6"},{"vulnerability":"VCID-r6kn-b963-eqge"},{"vulnerability":"VCID-s6uu-335k-yfbc"},{"vulnerability":"VCID-vb67-yux5-ayhf"},{"vulnerability":"VCID-vfp6-4h8n-bkax"},{"vulnerability":"VCID-w9ca-exua-g7ar"},{"vulnerability":"VCID-x7rg-rsb5-pya7"},{"vulnerability":"VCID-xmm4-zw49-3feh"},{"vulnerability":"VCID-y8up-cqtu-jkdw"},{"vulnerability":"VCID-yghg-775s-vber"},{"vulnerability":"VCID-zjrq-np3y-hua5"},{"vulnerability":"VCID-zwkk-zazw-6fgg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/62390?format=json","purl":"pkg:composer/moodle/moodle@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2s6b-tp6p-gue1"},{"vulnerability":"VCID-37pj-u3gh-n7fd"},{"vulnerability":"VCID-65y9-9ur2-pugc"},{"vulnerability":"VCID-83kb-4mk9-t7ge"},{"vulnerability":"VCID-a6pb-47tu-afcg"},{"vulnerability":"VCID-ajkr-fxa1-mkhk"},{"vulnerability":"VCID-an53-nu91-k3d7"},{"vulnerability":"VCID-bjnq-q2nd-1khp"},{"vulnerability":"VCID-duna-st9c-mqbk"},{"vulnerability":"VCID-eaqp-7abt-6kg9"},{"vulnerability":"VCID-eu27-a3px-87ed"},{"vulnerability":"VCID-fsex-f512-pudv"},{"vulnerability":"VCID-jcq6-btgz-fkf6"},{"vulnerability":"VCID-k1bh-ymgt-e7cd"},{"vulnerability":"VCID-k6pw-51st-b3d2"},{"vulnerability":"VCID-k73h-z6j8-gkgz"},{"vulnerability":"VCID-m3np-aebb-8qaa"},{"vulnerability":"VCID-m4zv-e3dn-budf"},{"vulnerability":"VCID-mkfz-e1ft-2bcw"},{"vulnerability":"VCID-nntc-dsz1-e3fp"},{"vulnerability":"VCID-qhv1-wgpm-7fh6"},{"vulnerability":"VCID-r6kn-b963-eqge"},{"vulnerability":"VCID-s6uu-335k-yfbc"},{"vulnerability":"VCID-vb67-yux5-ayhf"},{"vulnerability":"VCID-vfp6-4h8n-bkax"},{"vulnerability":"VCID-w9ca-exua-g7ar"},{"vulnerability":"VCID-x7rg-rsb5-pya7"},{"vulnerability":"VCID-xmm4-zw49-3feh"},{"vulnerability":"VCID-y8up-cqtu-jkdw"},{"vulnerability":"VCID-yghg-775s-vber"},{"vulnerability":"VCID-zjrq-np3y-hua5"},{"vulnerability":"VCID-zwkk-zazw-6fgg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2"}],"aliases":["CVE-2013-1833","GHSA-89f3-74m6-g27g"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41up-e414-hyba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43381?format=json","vulnerability_id":"VCID-47h1-1tt9-4fat","summary":"Moodle vulnerable to Cross-site Scripting\nMultiple cross-site scripting (XSS) vulnerabilities in the course-tags functionality in tag/coursetags_more.php in Moodle 2.0.x before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) sort or (2) show parameter.","references":[{"reference_url":"http://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=73de6fa06f6923278950a445bd69b3fbc1e518d2","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=73de6fa06f6923278950a445bd69b3fbc1e518d2"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=73de6fa06f6923278950a445bd69b3fbc1e518d2","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=73de6fa06f6923278950a445bd69b3fbc1e518d2"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=170008","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=170008"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4282","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53289","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4282"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4282","reference_id":"CVE-2011-4282","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4282"},{"reference_url":"https://github.com/advisories/GHSA-6xqg-f34f-5fjx","reference_id":"GHSA-6xqg-f34f-5fjx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6xqg-f34f-5fjx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62050?format=json","purl":"pkg:composer/moodle/moodle@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.2"}],"aliases":["CVE-2011-4282","GHSA-6xqg-f34f-5fjx"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47h1-1tt9-4fat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43004?format=json","vulnerability_id":"VCID-4cdk-8y5v-nba1","summary":"Insertion of Sensitive Information into Log File\nMoodle before 2.2.2 has users' private files included in course backups","references":[{"reference_url":"http://docs.moodle.org/dev/Moodle_2.0.8_release_notes","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://docs.moodle.org/dev/Moodle_2.0.8_release_notes"},{"reference_url":"http://docs.moodle.org/dev/Moodle_2.1.5_release_notes","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://docs.moodle.org/dev/Moodle_2.1.5_release_notes"},{"reference_url":"http://docs.moodle.org/dev/Moodle_2.2.2_release_notes","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://docs.moodle.org/dev/Moodle_2.2.2_release_notes"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1156","reference_id":"","reference_type":"","scores":[{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79491","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1156"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1156","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1156"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/37b6e7a03c77ea99fbe5224a15419e318019c570","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/37b6e7a03c77ea99fbe5224a15419e318019c570"},{"reference_url":"https://github.com/moodle/moodle/commit/ac6dc09c261219afa0191e9f2daf030bd071d272","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/ac6dc09c261219afa0191e9f2daf030bd071d272"},{"reference_url":"https://github.com/moodle/moodle/commit/f88224624dca76e1a8a2810fd8cc04292611f91c","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/f88224624dca76e1a8a2810fd8cc04292611f91c"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=198623","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=198623"},{"reference_url":"https://access.redhat.com/security/cve/cve-2012-1156","reference_id":"CVE-2012-1156","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/cve-2012-1156"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-1156","reference_id":"CVE-2012-1156","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-1156"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2012-1156","reference_id":"CVE-2012-1156","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security-tracker.debian.org/tracker/CVE-2012-1156"},{"reference_url":"https://github.com/advisories/GHSA-358r-g2xw-7c83","reference_id":"GHSA-358r-g2xw-7c83","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-358r-g2xw-7c83"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61527?format=json","purl":"pkg:composer/moodle/moodle@2.0.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/61524?format=json","purl":"pkg:composer/moodle/moodle@2.1.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/61525?format=json","purl":"pkg:composer/moodle/moodle@2.2.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.2.2"}],"aliases":["CVE-2012-1156","GHSA-358r-g2xw-7c83"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4cdk-8y5v-nba1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43736?format=json","vulnerability_id":"VCID-4hs4-xkzr-ybbf","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in the tag autocomplete functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=fd29b2ad1c20906da00d7e523f39bc8a0358a65b","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=fd29b2ad1c20906da00d7e523f39bc8a0358a65b"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=170003","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=170003"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4278","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53289","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4278"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/34b93e39a64a68e4a676b93ccf2bd87a1d3b5ef8","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/34b93e39a64a68e4a676b93ccf2bd87a1d3b5ef8"},{"reference_url":"https://github.com/moodle/moodle/commit/fd29b2ad1c20906da00d7e523f39bc8a0358a65b","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/fd29b2ad1c20906da00d7e523f39bc8a0358a65b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4278","reference_id":"CVE-2011-4278","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4278"},{"reference_url":"https://github.com/advisories/GHSA-6656-6qwx-4c2m","reference_id":"GHSA-6656-6qwx-4c2m","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6656-6qwx-4c2m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62050?format=json","purl":"pkg:composer/moodle/moodle@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.2"}],"aliases":["CVE-2011-4278","GHSA-6656-6qwx-4c2m"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4hs4-xkzr-ybbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43330?format=json","vulnerability_id":"VCID-6dwh-baur-9ydg","summary":"Moodle vulnerable to Cross-Site Request Forgery\nMultiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary users for requests that modify wiki data.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=48346fb11f8ced06a05c0618b02a3a925b34ec59","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=48346fb11f8ced06a05c0618b02a3a925b34ec59"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=48346fb11f8ced06a05c0618b02a3a925b34ec59","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=48346fb11f8ced06a05c0618b02a3a925b34ec59"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=188309","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=188309"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4298","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31407","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=747444","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=747444"},{"reference_url":"https://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.moodle.org"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4298","reference_id":"CVE-2011-4298","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4298"},{"reference_url":"https://github.com/advisories/GHSA-8hxm-42v5-66hm","reference_id":"GHSA-8hxm-42v5-66hm","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8hxm-42v5-66hm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62077?format=json","purl":"pkg:composer/moodle/moodle@2.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/62078?format=json","purl":"pkg:composer/moodle/moodle@2.1.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.2"}],"aliases":["CVE-2011-4298","GHSA-8hxm-42v5-66hm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6dwh-baur-9ydg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43686?format=json","vulnerability_id":"VCID-7pf8-gx8a-fbg1","summary":"Moodle Incorrect Default Settings\nThe default configuration of Moodle 2.0.x before 2.0.2 has an incorrect setting of the moodle/course:delete capability, which allows remote authenticated users to delete arbitrary courses by leveraging the teacher role.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=5cfe8aecb8b78e343ded38ba9e7a0a859887d21c","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=5cfe8aecb8b78e343ded38ba9e7a0a859887d21c"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=170011","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=170011"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4285","reference_id":"","reference_type":"","scores":[{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.6357","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4285"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/5dd7e903ff1698dcf2b6bbd821c31720d169fb83","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/5dd7e903ff1698dcf2b6bbd821c31720d169fb83"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4285","reference_id":"CVE-2011-4285","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4285"},{"reference_url":"https://github.com/advisories/GHSA-8vjj-wf73-w882","reference_id":"GHSA-8vjj-wf73-w882","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8vjj-wf73-w882"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62050?format=json","purl":"pkg:composer/moodle/moodle@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.2"}],"aliases":["CVE-2011-4285","GHSA-8vjj-wf73-w882"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pf8-gx8a-fbg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43689?format=json","vulnerability_id":"VCID-7tky-51ah-17bs","summary":"Moodle allows remote authenticated users to cause a denial of service (invalid database records)\nMoodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted ratings operations.","references":[{"reference_url":"http://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=34b5e856b0c98aab3f5317119093628df0834957","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=34b5e856b0c98aab3f5317119093628df0834957"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=34b5e856b0c98aab3f5317119093628df0834957","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=34b5e856b0c98aab3f5317119093628df0834957"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=175593","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=175593"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4291","reference_id":"","reference_type":"","scores":[{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.64179","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4291"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4291","reference_id":"CVE-2011-4291","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4291"},{"reference_url":"https://github.com/advisories/GHSA-m2pf-4pf8-45j2","reference_id":"GHSA-m2pf-4pf8-45j2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m2pf-4pf8-45j2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62433?format=json","purl":"pkg:composer/moodle/moodle@2.0.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.3"}],"aliases":["CVE-2011-4291","GHSA-m2pf-4pf8-45j2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7tky-51ah-17bs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43442?format=json","vulnerability_id":"VCID-9ca4-gyeh-qkhc","summary":"Moodle allows remote attackers to obtain sensitive information\nMoodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS enterprise enrolment file in the course-files area, which allows remote attackers to obtain sensitive information via a request for imsenterprise-enrol.xml.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=6fde0dac702b3d0954bd1c34d427944e9cd89ae6","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=6fde0dac702b3d0954bd1c34d427944e9cd89ae6"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=6fde0dac702b3d0954bd1c34d427944e9cd89ae6","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=6fde0dac702b3d0954bd1c34d427944e9cd89ae6"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=170009","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=170009"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4283","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51911","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4283"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4283","reference_id":"CVE-2011-4283","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4283"},{"reference_url":"https://github.com/advisories/GHSA-m3xp-4hf3-qfpp","reference_id":"GHSA-m3xp-4hf3-qfpp","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m3xp-4hf3-qfpp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62050?format=json","purl":"pkg:composer/moodle/moodle@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.2"}],"aliases":["CVE-2011-4283","GHSA-m3xp-4hf3-qfpp"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ca4-gyeh-qkhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43318?format=json","vulnerability_id":"VCID-9e5m-wfwn-j7a3","summary":"Moodle does not use the forceloginforprofiles setting for course-profiles access control\nMoodle 2.0.x before 2.0.2 does not use the forceloginforprofiles setting for course-profiles access control, which makes it easier for remote attackers to obtain potentially sensitive information via vectors involving use of a search engine, as demonstrated by the search functionality of Google, Yahoo!, Wrensoft Zoom, MSN, Yandex, and AltaVista.","references":[{"reference_url":"http://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=81b58cc227cf96a1cd2e002cc210b7b3e376fd17","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=81b58cc227cf96a1cd2e002cc210b7b3e376fd17"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=81b58cc227cf96a1cd2e002cc210b7b3e376fd17","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=81b58cc227cf96a1cd2e002cc210b7b3e376fd17"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=170004","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=170004"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4279","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51911","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4279"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4279","reference_id":"CVE-2011-4279","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4279"},{"reference_url":"https://github.com/advisories/GHSA-phqj-xp48-7p7c","reference_id":"GHSA-phqj-xp48-7p7c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-phqj-xp48-7p7c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62050?format=json","purl":"pkg:composer/moodle/moodle@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.2"}],"aliases":["CVE-2011-4279","GHSA-phqj-xp48-7p7c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9e5m-wfwn-j7a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43345?format=json","vulnerability_id":"VCID-9nee-rvyv-qfba","summary":"Moodle vulnerable to Cross-Site Scripting\nCross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to inject arbitrary web script or HTML via a wiki comment.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=a459fd90625ae44d7b3ac10b65da2dc631a418e7","reference_id":"","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=a459fd90625ae44d7b3ac10b65da2dc631a418e7"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=a459fd90625ae44d7b3ac10b65da2dc631a418e7","reference_id":"","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=a459fd90625ae44d7b3ac10b65da2dc631a418e7"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=188310","reference_id":"","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=188310"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4299","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53289","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4299"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=747444","reference_id":"","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=747444"},{"reference_url":"https://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.moodle.org"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4299","reference_id":"CVE-2011-4299","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4299"},{"reference_url":"https://github.com/advisories/GHSA-h6px-pvfh-q2jv","reference_id":"GHSA-h6px-pvfh-q2jv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-h6px-pvfh-q2jv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62077?format=json","purl":"pkg:composer/moodle/moodle@2.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/62078?format=json","purl":"pkg:composer/moodle/moodle@2.1.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.2"}],"aliases":["CVE-2011-4299","GHSA-h6px-pvfh-q2jv"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9nee-rvyv-qfba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43597?format=json","vulnerability_id":"VCID-a4uv-j23y-8bg1","summary":"Moodle does not properly restrict comment capabilities\ncomment/lib.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 does not properly restrict comment capabilities, which allows remote attackers to post a comment by leveraging the guest role and operating on a front-page activity.","references":[{"reference_url":"http://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=9da3c2efadcc5f56cb8adc19c67ed16be35780f3","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=9da3c2efadcc5f56cb8adc19c67ed16be35780f3"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=9da3c2efadcc5f56cb8adc19c67ed16be35780f3","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=9da3c2efadcc5f56cb8adc19c67ed16be35780f3"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=182740","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=182740"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4297","reference_id":"","reference_type":"","scores":[{"value":"0.00519","scoring_system":"epss","scoring_elements":"0.67144","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4297"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4297","reference_id":"CVE-2011-4297","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4297"},{"reference_url":"https://github.com/advisories/GHSA-62wv-866c-rh86","reference_id":"GHSA-62wv-866c-rh86","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-62wv-866c-rh86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62435?format=json","purl":"pkg:composer/moodle/moodle@2.0.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/62436?format=json","purl":"pkg:composer/moodle/moodle@2.1.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.1"}],"aliases":["CVE-2011-4297","GHSA-62wv-866c-rh86"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a4uv-j23y-8bg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43489?format=json","vulnerability_id":"VCID-atb4-adjz-1uef","summary":"Improper Control of Generation of Code ('Code Injection')\nCRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable.","references":[{"reference_url":"http://penturalabs.wordpress.com/2011/12/13/advisory-crlf-injection-vulnerability-in-moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://penturalabs.wordpress.com/2011/12/13/advisory-crlf-injection-vulnerability-in-moodle"},{"reference_url":"http://penturalabs.wordpress.com/2011/12/13/advisory-crlf-injection-vulnerability-in-moodle/","reference_id":"","reference_type":"","scores":[],"url":"http://penturalabs.wordpress.com/2011/12/13/advisory-crlf-injection-vulnerability-in-moodle/"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4203","reference_id":"","reference_type":"","scores":[{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65522","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4203"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/581e8dba387f090d89382115fd850d8b44351526","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/581e8dba387f090d89382115fd850d8b44351526"},{"reference_url":"https://github.com/moodle/moodle/commit/ae7cc577b7115a7ad7a68dc4986aca9e2bda2cf5","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/ae7cc577b7115a7ad7a68dc4986aca9e2bda2cf5"},{"reference_url":"https://github.com/moodle/moodle/commit/bc577df6a974606fcb0882b090b00ea5a4e10cf6","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/bc577df6a974606fcb0882b090b00ea5a4e10cf6"},{"reference_url":"https://github.com/moodle/moodle/commit/e311b14364719b0f7851149ee51c1a4ec732635e","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/e311b14364719b0f7851149ee51c1a4ec732635e"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=191754","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=191754"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4203","reference_id":"CVE-2011-4203","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4203"},{"reference_url":"https://github.com/advisories/GHSA-4w8m-96v9-2c86","reference_id":"GHSA-4w8m-96v9-2c86","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4w8m-96v9-2c86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62376?format=json","purl":"pkg:composer/moodle/moodle@2.0.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/62377?format=json","purl":"pkg:composer/moodle/moodle@2.1.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.3"}],"aliases":["CVE-2011-4203","GHSA-4w8m-96v9-2c86"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-atb4-adjz-1uef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43626?format=json","vulnerability_id":"VCID-dt8h-ktfk-2qec","summary":"Moodle Allows Modification of Constants\nThe MoodleQuickForm class in the Forms Library in lib/formslib.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not recognize Forms API setConstant operations, which allows remote attackers to submit unexpected form content by modifying the values of constant fields.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=f1f70bd4dde6cd1ea4bdb8ab28fa3d36a53b89d8","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=f1f70bd4dde6cd1ea4bdb8ab28fa3d36a53b89d8"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=f1f70bd4dde6cd1ea4bdb8ab28fa3d36a53b89d8","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=f1f70bd4dde6cd1ea4bdb8ab28fa3d36a53b89d8"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=188313","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=188313"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4301","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.51044","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4301"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=747444","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=747444"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/1f52e72526c305989eadc702b5299edb2a50ac3c","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/1f52e72526c305989eadc702b5299edb2a50ac3c"},{"reference_url":"https://github.com/moodle/moodle/commit/2a44c5192c875c4f4b4e813d7227b19d8fda86ba","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/2a44c5192c875c4f4b4e813d7227b19d8fda86ba"},{"reference_url":"https://github.com/moodle/moodle/commit/a6f18c98f43b6fc6b8b7c4e96af41cb4a626e1b8","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/a6f18c98f43b6fc6b8b7c4e96af41cb4a626e1b8"},{"reference_url":"https://github.com/moodle/moodle/commit/f1f70bd4dde6cd1ea4bdb8ab28fa3d36a53b89d8","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/f1f70bd4dde6cd1ea4bdb8ab28fa3d36a53b89d8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4301","reference_id":"CVE-2011-4301","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4301"},{"reference_url":"https://github.com/advisories/GHSA-jcrj-gmr6-p5j8","reference_id":"GHSA-jcrj-gmr6-p5j8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-jcrj-gmr6-p5j8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62077?format=json","purl":"pkg:composer/moodle/moodle@2.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/62078?format=json","purl":"pkg:composer/moodle/moodle@2.1.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.2"}],"aliases":["CVE-2011-4301","GHSA-jcrj-gmr6-p5j8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dt8h-ktfk-2qec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42995?format=json","vulnerability_id":"VCID-e2hb-w8g1-xbax","summary":"Incorrect Default Permissions\nMoodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1157","reference_id":"","reference_type":"","scores":[{"value":"0.0058","scoring_system":"epss","scoring_elements":"0.69273","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1157"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1157","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1157"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/246c2cb8e5af71a7d7c605b8fc9f9563e0fb3bc4","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/246c2cb8e5af71a7d7c605b8fc9f9563e0fb3bc4"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=198624","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=198624"},{"reference_url":"https://access.redhat.com/security/cve/cve-2012-1157","reference_id":"CVE-2012-1157","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/cve-2012-1157"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-1157","reference_id":"CVE-2012-1157","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-1157"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2012-1157","reference_id":"CVE-2012-1157","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security-tracker.debian.org/tracker/CVE-2012-1157"},{"reference_url":"https://github.com/advisories/GHSA-2x36-7xfm-pgm7","reference_id":"GHSA-2x36-7xfm-pgm7","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2x36-7xfm-pgm7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61527?format=json","purl":"pkg:composer/moodle/moodle@2.0.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/61524?format=json","purl":"pkg:composer/moodle/moodle@2.1.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/61525?format=json","purl":"pkg:composer/moodle/moodle@2.2.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.2.2"}],"aliases":["CVE-2012-1157","GHSA-2x36-7xfm-pgm7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2hb-w8g1-xbax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43445?format=json","vulnerability_id":"VCID-ek29-cpbw-77fh","summary":"Moodle vulnerable to Cross-site Scripting\nMultiple cross-site scripting (XSS) vulnerabilities in the media-filter implementation in filter/mediaplugin/filter.php in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) Flash Video (aka FLV) files and (2) YouTube videos.","references":[{"reference_url":"http://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=8f81bfd412c6b2e93a5b15711727d5cb7cc78336","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=8f81bfd412c6b2e93a5b15711727d5cb7cc78336"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=8f81bfd412c6b2e93a5b15711727d5cb7cc78336","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=8f81bfd412c6b2e93a5b15711727d5cb7cc78336"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=170012","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=170012"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4286","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53289","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4286"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4286","reference_id":"CVE-2011-4286","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4286"},{"reference_url":"https://github.com/advisories/GHSA-86v9-gqh9-8268","reference_id":"GHSA-86v9-gqh9-8268","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-86v9-gqh9-8268"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62050?format=json","purl":"pkg:composer/moodle/moodle@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.2"}],"aliases":["CVE-2011-4286","GHSA-86v9-gqh9-8268"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ek29-cpbw-77fh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43723?format=json","vulnerability_id":"VCID-ev8f-4uzk-b3an","summary":"Moodle does not recogniz configuration setting that makes e-mail addresses visible only to course members\nMoodle 2.0.x before 2.0.3 does not recognize the configuration setting that makes e-mail addresses visible only to course members, which allows remote authenticated users to obtain sensitive address information by reading a full profile page.","references":[{"reference_url":"http://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=181991e791a13a3c383234718c26c499e31d3df1","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=181991e791a13a3c383234718c26c499e31d3df1"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=181991e791a13a3c383234718c26c499e31d3df1","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=181991e791a13a3c383234718c26c499e31d3df1"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=175591","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=175591"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4289","reference_id":"","reference_type":"","scores":[{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.41837","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4289"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4289","reference_id":"CVE-2011-4289","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4289"},{"reference_url":"https://github.com/advisories/GHSA-3qg4-2fcm-c8f9","reference_id":"GHSA-3qg4-2fcm-c8f9","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3qg4-2fcm-c8f9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62433?format=json","purl":"pkg:composer/moodle/moodle@2.0.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.3"}],"aliases":["CVE-2011-4289","GHSA-3qg4-2fcm-c8f9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ev8f-4uzk-b3an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43464?format=json","vulnerability_id":"VCID-fq4z-5wh4-b3b5","summary":"Moodle does not force password changes for autosubscribed users\nadmin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote attackers to obtain access by leveraging knowledge of the initial password of a new user.","references":[{"reference_url":"http://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=22a77963439e00441949440f0517135b3a5418da","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=22a77963439e00441949440f0517135b3a5418da"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=22a77963439e00441949440f0517135b3a5418da","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=22a77963439e00441949440f0517135b3a5418da"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=175588","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=175588"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4287","reference_id":"","reference_type":"","scores":[{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65703","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4287"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4287","reference_id":"CVE-2011-4287","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4287"},{"reference_url":"https://github.com/advisories/GHSA-j3x5-cwfj-pfcw","reference_id":"GHSA-j3x5-cwfj-pfcw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j3x5-cwfj-pfcw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62050?format=json","purl":"pkg:composer/moodle/moodle@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.2"}],"aliases":["CVE-2011-4287","GHSA-j3x5-cwfj-pfcw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fq4z-5wh4-b3b5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43664?format=json","vulnerability_id":"VCID-fwn7-hez1-ayhj","summary":"Exposure of Sensitive Information to an Unauthorized Actor\nMoodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36426","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36426"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html"},{"reference_url":"http://openwall.com/lists/oss-security/2013/03/25/2","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2013/03/25/2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1835","reference_id":"","reference_type":"","scores":[{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53729","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1835"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/31581ae65df05ea64031ac24c8b8f817414f1379","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/31581ae65df05ea64031ac24c8b8f817414f1379"},{"reference_url":"https://github.com/moodle/moodle/commit/6153c8040dd6ecdf03070ad6b538845c263bf722","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/6153c8040dd6ecdf03070ad6b538845c263bf722"},{"reference_url":"https://github.com/moodle/moodle/commit/ded4050f1bb050770df3bc8e78dcfadf815011ea","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/ded4050f1bb050770df3bc8e78dcfadf815011ea"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=225347","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=225347"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1835","reference_id":"CVE-2013-1835","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1835"},{"reference_url":"https://github.com/advisories/GHSA-cc94-hwj3-rf65","reference_id":"GHSA-cc94-hwj3-rf65","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cc94-hwj3-rf65"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62388?format=json","purl":"pkg:composer/moodle/moodle@2.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/62389?format=json","purl":"pkg:composer/moodle/moodle@2.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2s6b-tp6p-gue1"},{"vulnerability":"VCID-37pj-u3gh-n7fd"},{"vulnerability":"VCID-65y9-9ur2-pugc"},{"vulnerability":"VCID-83kb-4mk9-t7ge"},{"vulnerability":"VCID-a6pb-47tu-afcg"},{"vulnerability":"VCID-ajkr-fxa1-mkhk"},{"vulnerability":"VCID-an53-nu91-k3d7"},{"vulnerability":"VCID-bjnq-q2nd-1khp"},{"vulnerability":"VCID-duna-st9c-mqbk"},{"vulnerability":"VCID-eaqp-7abt-6kg9"},{"vulnerability":"VCID-eu27-a3px-87ed"},{"vulnerability":"VCID-fsex-f512-pudv"},{"vulnerability":"VCID-jcq6-btgz-fkf6"},{"vulnerability":"VCID-k1bh-ymgt-e7cd"},{"vulnerability":"VCID-k6pw-51st-b3d2"},{"vulnerability":"VCID-k73h-z6j8-gkgz"},{"vulnerability":"VCID-m3np-aebb-8qaa"},{"vulnerability":"VCID-m4zv-e3dn-budf"},{"vulnerability":"VCID-mkfz-e1ft-2bcw"},{"vulnerability":"VCID-nntc-dsz1-e3fp"},{"vulnerability":"VCID-qhv1-wgpm-7fh6"},{"vulnerability":"VCID-r6kn-b963-eqge"},{"vulnerability":"VCID-s6uu-335k-yfbc"},{"vulnerability":"VCID-vb67-yux5-ayhf"},{"vulnerability":"VCID-vfp6-4h8n-bkax"},{"vulnerability":"VCID-w9ca-exua-g7ar"},{"vulnerability":"VCID-x7rg-rsb5-pya7"},{"vulnerability":"VCID-xmm4-zw49-3feh"},{"vulnerability":"VCID-y8up-cqtu-jkdw"},{"vulnerability":"VCID-yghg-775s-vber"},{"vulnerability":"VCID-zjrq-np3y-hua5"},{"vulnerability":"VCID-zwkk-zazw-6fgg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/62390?format=json","purl":"pkg:composer/moodle/moodle@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2s6b-tp6p-gue1"},{"vulnerability":"VCID-37pj-u3gh-n7fd"},{"vulnerability":"VCID-65y9-9ur2-pugc"},{"vulnerability":"VCID-83kb-4mk9-t7ge"},{"vulnerability":"VCID-a6pb-47tu-afcg"},{"vulnerability":"VCID-ajkr-fxa1-mkhk"},{"vulnerability":"VCID-an53-nu91-k3d7"},{"vulnerability":"VCID-bjnq-q2nd-1khp"},{"vulnerability":"VCID-duna-st9c-mqbk"},{"vulnerability":"VCID-eaqp-7abt-6kg9"},{"vulnerability":"VCID-eu27-a3px-87ed"},{"vulnerability":"VCID-fsex-f512-pudv"},{"vulnerability":"VCID-jcq6-btgz-fkf6"},{"vulnerability":"VCID-k1bh-ymgt-e7cd"},{"vulnerability":"VCID-k6pw-51st-b3d2"},{"vulnerability":"VCID-k73h-z6j8-gkgz"},{"vulnerability":"VCID-m3np-aebb-8qaa"},{"vulnerability":"VCID-m4zv-e3dn-budf"},{"vulnerability":"VCID-mkfz-e1ft-2bcw"},{"vulnerability":"VCID-nntc-dsz1-e3fp"},{"vulnerability":"VCID-qhv1-wgpm-7fh6"},{"vulnerability":"VCID-r6kn-b963-eqge"},{"vulnerability":"VCID-s6uu-335k-yfbc"},{"vulnerability":"VCID-vb67-yux5-ayhf"},{"vulnerability":"VCID-vfp6-4h8n-bkax"},{"vulnerability":"VCID-w9ca-exua-g7ar"},{"vulnerability":"VCID-x7rg-rsb5-pya7"},{"vulnerability":"VCID-xmm4-zw49-3feh"},{"vulnerability":"VCID-y8up-cqtu-jkdw"},{"vulnerability":"VCID-yghg-775s-vber"},{"vulnerability":"VCID-zjrq-np3y-hua5"},{"vulnerability":"VCID-zwkk-zazw-6fgg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2"}],"aliases":["CVE-2013-1835","GHSA-cc94-hwj3-rf65"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwn7-hez1-ayhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42996?format=json","vulnerability_id":"VCID-jbvt-9yy2-afb4","summary":"Exposure of Sensitive Information to an Unauthorized Actor\nMoodle before 2.2.2: Overview report allows users to see hidden courses","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1159","reference_id":"","reference_type":"","scores":[{"value":"0.00946","scoring_system":"epss","scoring_elements":"0.7668","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1159"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1159","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1159"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/31eae0eb1798642a2cabff2fdcf88af721632544","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/31eae0eb1798642a2cabff2fdcf88af721632544"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=198628","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=198628"},{"reference_url":"https://access.redhat.com/security/cve/cve-2012-1159","reference_id":"CVE-2012-1159","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/cve-2012-1159"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-1159","reference_id":"CVE-2012-1159","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-1159"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2012-1159","reference_id":"CVE-2012-1159","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security-tracker.debian.org/tracker/CVE-2012-1159"},{"reference_url":"https://github.com/advisories/GHSA-p9hr-f4xj-8w8r","reference_id":"GHSA-p9hr-f4xj-8w8r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-p9hr-f4xj-8w8r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61527?format=json","purl":"pkg:composer/moodle/moodle@2.0.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/61524?format=json","purl":"pkg:composer/moodle/moodle@2.1.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/61525?format=json","purl":"pkg:composer/moodle/moodle@2.2.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.2.2"}],"aliases":["CVE-2012-1159","GHSA-p9hr-f4xj-8w8r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbvt-9yy2-afb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43728?format=json","vulnerability_id":"VCID-q6wx-c4w3-skh8","summary":"Moodle does not properly restrict access to category and course data\nThe file_browser component in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not properly restrict access to category and course data, which allows remote attackers to obtain potentially sensitive information via a request for a file.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=f6b07c4da54a9db24723beb147e8a19a3d487e00","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=f6b07c4da54a9db24723beb147e8a19a3d487e00"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=f6b07c4da54a9db24723beb147e8a19a3d487e00","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=f6b07c4da54a9db24723beb147e8a19a3d487e00"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=188311","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=188311"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4300","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4959","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4300"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=747444","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=747444"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/6f7c43c7de8f62cd53a7f3b54ad5325cd109c1be","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/6f7c43c7de8f62cd53a7f3b54ad5325cd109c1be"},{"reference_url":"https://github.com/moodle/moodle/commit/81c77993e3808bba68fe24d6bfbac19a41679a6f","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/81c77993e3808bba68fe24d6bfbac19a41679a6f"},{"reference_url":"https://github.com/moodle/moodle/commit/f6b07c4da54a9db24723beb147e8a19a3d487e00","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/f6b07c4da54a9db24723beb147e8a19a3d487e00"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4300","reference_id":"CVE-2011-4300","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4300"},{"reference_url":"https://github.com/advisories/GHSA-9p54-pc88-36c4","reference_id":"GHSA-9p54-pc88-36c4","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9p54-pc88-36c4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62077?format=json","purl":"pkg:composer/moodle/moodle@2.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/62078?format=json","purl":"pkg:composer/moodle/moodle@2.1.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.2"}],"aliases":["CVE-2011-4300","GHSA-9p54-pc88-36c4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q6wx-c4w3-skh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43512?format=json","vulnerability_id":"VCID-qpm1-4xwk-sfb2","summary":"Improper Input Validation\nThe error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x before 2.0.4, and 2.1.x before 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow attackers to trick users into visiting arbitrary web sites via unspecified vectors.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=8f9f666c902cb30ef6f519353f38c45a29fdf4a6","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=8f9f666c902cb30ef6f519353f38c45a29fdf4a6"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=182737","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=182737"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4294","reference_id":"","reference_type":"","scores":[{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60726","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4294"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/18c2fcf8f19e00f0e89421d8fd8b7486a6dc6f79","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/18c2fcf8f19e00f0e89421d8fd8b7486a6dc6f79"},{"reference_url":"https://github.com/moodle/moodle/commit/417fdfab6bbdcfc3f5b64704ec06912ae9cd1050","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/417fdfab6bbdcfc3f5b64704ec06912ae9cd1050"},{"reference_url":"https://github.com/moodle/moodle/commit/8f9f666c902cb30ef6f519353f38c45a29fdf4a6","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/8f9f666c902cb30ef6f519353f38c45a29fdf4a6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4294","reference_id":"CVE-2011-4294","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4294"},{"reference_url":"https://github.com/advisories/GHSA-hxmp-8f47-x9fc","reference_id":"GHSA-hxmp-8f47-x9fc","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hxmp-8f47-x9fc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62435?format=json","purl":"pkg:composer/moodle/moodle@2.0.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/62436?format=json","purl":"pkg:composer/moodle/moodle@2.1.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.1"}],"aliases":["CVE-2011-4294","GHSA-hxmp-8f47-x9fc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpm1-4xwk-sfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43568?format=json","vulnerability_id":"VCID-r7wm-grca-3fgw","summary":"Moodle does not properly manage privileges for WebDAV repositories\nMoodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37852","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37852"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html"},{"reference_url":"http://openwall.com/lists/oss-security/2013/03/25/2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2013/03/25/2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1836","reference_id":"","reference_type":"","scores":[{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.71061","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1836"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/173a201f90941604ae1811a1b79089be4d78707c","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/173a201f90941604ae1811a1b79089be4d78707c"},{"reference_url":"https://github.com/moodle/moodle/commit/67c858414acb6564cd11f27adb9ffc75e9c8ba7f","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/67c858414acb6564cd11f27adb9ffc75e9c8ba7f"},{"reference_url":"https://github.com/moodle/moodle/commit/ac5fc5953426befb1232106ade9e42ff239d9b63","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/ac5fc5953426befb1232106ade9e42ff239d9b63"},{"reference_url":"https://github.com/moodle/moodle/commit/c512e94e7c972c2ef398d49283edbbdc0cfe8ea1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/c512e94e7c972c2ef398d49283edbbdc0cfe8ea1"},{"reference_url":"https://github.com/moodle/moodle/commit/cb69d2584a0fda3f72cbb6974b155287bc6fcbab","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/cb69d2584a0fda3f72cbb6974b155287bc6fcbab"},{"reference_url":"https://github.com/moodle/moodle/commit/d5a3a922679f9314ffdc7e4769d78e920e588457","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/d5a3a922679f9314ffdc7e4769d78e920e588457"},{"reference_url":"https://github.com/moodle/moodle/commit/e1be68f296addf57e80222e8a697931b0870c816","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/e1be68f296addf57e80222e8a697931b0870c816"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=225348","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=225348"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1836","reference_id":"CVE-2013-1836","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1836"},{"reference_url":"https://github.com/advisories/GHSA-664q-mrxx-2x2v","reference_id":"GHSA-664q-mrxx-2x2v","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-664q-mrxx-2x2v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62388?format=json","purl":"pkg:composer/moodle/moodle@2.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/62389?format=json","purl":"pkg:composer/moodle/moodle@2.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2s6b-tp6p-gue1"},{"vulnerability":"VCID-37pj-u3gh-n7fd"},{"vulnerability":"VCID-65y9-9ur2-pugc"},{"vulnerability":"VCID-83kb-4mk9-t7ge"},{"vulnerability":"VCID-a6pb-47tu-afcg"},{"vulnerability":"VCID-ajkr-fxa1-mkhk"},{"vulnerability":"VCID-an53-nu91-k3d7"},{"vulnerability":"VCID-bjnq-q2nd-1khp"},{"vulnerability":"VCID-duna-st9c-mqbk"},{"vulnerability":"VCID-eaqp-7abt-6kg9"},{"vulnerability":"VCID-eu27-a3px-87ed"},{"vulnerability":"VCID-fsex-f512-pudv"},{"vulnerability":"VCID-jcq6-btgz-fkf6"},{"vulnerability":"VCID-k1bh-ymgt-e7cd"},{"vulnerability":"VCID-k6pw-51st-b3d2"},{"vulnerability":"VCID-k73h-z6j8-gkgz"},{"vulnerability":"VCID-m3np-aebb-8qaa"},{"vulnerability":"VCID-m4zv-e3dn-budf"},{"vulnerability":"VCID-mkfz-e1ft-2bcw"},{"vulnerability":"VCID-nntc-dsz1-e3fp"},{"vulnerability":"VCID-qhv1-wgpm-7fh6"},{"vulnerability":"VCID-r6kn-b963-eqge"},{"vulnerability":"VCID-s6uu-335k-yfbc"},{"vulnerability":"VCID-vb67-yux5-ayhf"},{"vulnerability":"VCID-vfp6-4h8n-bkax"},{"vulnerability":"VCID-w9ca-exua-g7ar"},{"vulnerability":"VCID-x7rg-rsb5-pya7"},{"vulnerability":"VCID-xmm4-zw49-3feh"},{"vulnerability":"VCID-y8up-cqtu-jkdw"},{"vulnerability":"VCID-yghg-775s-vber"},{"vulnerability":"VCID-zjrq-np3y-hua5"},{"vulnerability":"VCID-zwkk-zazw-6fgg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/62390?format=json","purl":"pkg:composer/moodle/moodle@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2s6b-tp6p-gue1"},{"vulnerability":"VCID-37pj-u3gh-n7fd"},{"vulnerability":"VCID-65y9-9ur2-pugc"},{"vulnerability":"VCID-83kb-4mk9-t7ge"},{"vulnerability":"VCID-a6pb-47tu-afcg"},{"vulnerability":"VCID-ajkr-fxa1-mkhk"},{"vulnerability":"VCID-an53-nu91-k3d7"},{"vulnerability":"VCID-bjnq-q2nd-1khp"},{"vulnerability":"VCID-duna-st9c-mqbk"},{"vulnerability":"VCID-eaqp-7abt-6kg9"},{"vulnerability":"VCID-eu27-a3px-87ed"},{"vulnerability":"VCID-fsex-f512-pudv"},{"vulnerability":"VCID-jcq6-btgz-fkf6"},{"vulnerability":"VCID-k1bh-ymgt-e7cd"},{"vulnerability":"VCID-k6pw-51st-b3d2"},{"vulnerability":"VCID-k73h-z6j8-gkgz"},{"vulnerability":"VCID-m3np-aebb-8qaa"},{"vulnerability":"VCID-m4zv-e3dn-budf"},{"vulnerability":"VCID-mkfz-e1ft-2bcw"},{"vulnerability":"VCID-nntc-dsz1-e3fp"},{"vulnerability":"VCID-qhv1-wgpm-7fh6"},{"vulnerability":"VCID-r6kn-b963-eqge"},{"vulnerability":"VCID-s6uu-335k-yfbc"},{"vulnerability":"VCID-vb67-yux5-ayhf"},{"vulnerability":"VCID-vfp6-4h8n-bkax"},{"vulnerability":"VCID-w9ca-exua-g7ar"},{"vulnerability":"VCID-x7rg-rsb5-pya7"},{"vulnerability":"VCID-xmm4-zw49-3feh"},{"vulnerability":"VCID-y8up-cqtu-jkdw"},{"vulnerability":"VCID-yghg-775s-vber"},{"vulnerability":"VCID-zjrq-np3y-hua5"},{"vulnerability":"VCID-zwkk-zazw-6fgg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2"}],"aliases":["CVE-2013-1836","GHSA-664q-mrxx-2x2v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r7wm-grca-3fgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43367?format=json","vulnerability_id":"VCID-scrd-yyjh-gbhw","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=bd654f0ced8af925c27b7c94321f0c299b50b38e","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=bd654f0ced8af925c27b7c94321f0c299b50b38e"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=170005","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=170005"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4280","reference_id":"","reference_type":"","scores":[{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.8387","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4280"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/bd654f0ced8af925c27b7c94321f0c299b50b38e","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/bd654f0ced8af925c27b7c94321f0c299b50b38e"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4280","reference_id":"CVE-2011-4280","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4280"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/35297.txt","reference_id":"CVE-2011-4280;OSVDB-70735","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/35297.txt"},{"reference_url":"https://www.securityfocus.com/bid/46085/info","reference_id":"CVE-2011-4280;OSVDB-70735","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/46085/info"},{"reference_url":"https://github.com/advisories/GHSA-mx5g-3vxh-rgm8","reference_id":"GHSA-mx5g-3vxh-rgm8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mx5g-3vxh-rgm8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62050?format=json","purl":"pkg:composer/moodle/moodle@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.2"}],"aliases":["CVE-2011-4280","GHSA-mx5g-3vxh-rgm8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scrd-yyjh-gbhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43589?format=json","vulnerability_id":"VCID-ubt2-hvzj-1kbh","summary":"Moodle Double-Caches Content, Potentially Writing to a File System's Tmp Directory\nThe theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=e1c2a211f259821910be2cba23679d4176fb00a3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=e1c2a211f259821910be2cba23679d4176fb00a3"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=182736","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=182736"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4293","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41211","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4293"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/05f4555422278190ec24a88466ac43c914a7e5d6","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/05f4555422278190ec24a88466ac43c914a7e5d6"},{"reference_url":"https://github.com/moodle/moodle/commit/9a380fbb53429713b3c422a3146456dc97205329","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/9a380fbb53429713b3c422a3146456dc97205329"},{"reference_url":"https://github.com/moodle/moodle/commit/e1c2a211f259821910be2cba23679d4176fb00a3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/e1c2a211f259821910be2cba23679d4176fb00a3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4293","reference_id":"CVE-2011-4293","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4293"},{"reference_url":"https://github.com/advisories/GHSA-wxvp-8q8h-r6rr","reference_id":"GHSA-wxvp-8q8h-r6rr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wxvp-8q8h-r6rr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62435?format=json","purl":"pkg:composer/moodle/moodle@2.0.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/62436?format=json","purl":"pkg:composer/moodle/moodle@2.1.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.1"}],"aliases":["CVE-2011-4293","GHSA-wxvp-8q8h-r6rr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ubt2-hvzj-1kbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43499?format=json","vulnerability_id":"VCID-vgxb-fkuj-9fgk","summary":"Exposure of Sensitive Information to an Unauthorized Actor\nrepository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37681","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37681"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html"},{"reference_url":"http://openwall.com/lists/oss-security/2013/03/25/2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2013/03/25/2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1832","reference_id":"","reference_type":"","scores":[{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46059","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1832"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/0e94caf991d4e399726e5dc0769873d9f753a727","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/0e94caf991d4e399726e5dc0769873d9f753a727"},{"reference_url":"https://github.com/moodle/moodle/commit/46eec6e46b89a7e8e3f08e460d917f2d1a2959d8","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/46eec6e46b89a7e8e3f08e460d917f2d1a2959d8"},{"reference_url":"https://github.com/moodle/moodle/commit/92e592385784ec7ea5b5328a0c3c1608d321ad32","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/92e592385784ec7ea5b5328a0c3c1608d321ad32"},{"reference_url":"https://github.com/moodle/moodle/commit/ce96f23fe15ce6addc2f56af015452c3ea406190","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/ce96f23fe15ce6addc2f56af015452c3ea406190"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=225343","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=225343"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1832","reference_id":"CVE-2013-1832","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1832"},{"reference_url":"https://github.com/advisories/GHSA-pgp5-rcwp-qvfg","reference_id":"GHSA-pgp5-rcwp-qvfg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-pgp5-rcwp-qvfg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62388?format=json","purl":"pkg:composer/moodle/moodle@2.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/62389?format=json","purl":"pkg:composer/moodle/moodle@2.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2s6b-tp6p-gue1"},{"vulnerability":"VCID-37pj-u3gh-n7fd"},{"vulnerability":"VCID-65y9-9ur2-pugc"},{"vulnerability":"VCID-83kb-4mk9-t7ge"},{"vulnerability":"VCID-a6pb-47tu-afcg"},{"vulnerability":"VCID-ajkr-fxa1-mkhk"},{"vulnerability":"VCID-an53-nu91-k3d7"},{"vulnerability":"VCID-bjnq-q2nd-1khp"},{"vulnerability":"VCID-duna-st9c-mqbk"},{"vulnerability":"VCID-eaqp-7abt-6kg9"},{"vulnerability":"VCID-eu27-a3px-87ed"},{"vulnerability":"VCID-fsex-f512-pudv"},{"vulnerability":"VCID-jcq6-btgz-fkf6"},{"vulnerability":"VCID-k1bh-ymgt-e7cd"},{"vulnerability":"VCID-k6pw-51st-b3d2"},{"vulnerability":"VCID-k73h-z6j8-gkgz"},{"vulnerability":"VCID-m3np-aebb-8qaa"},{"vulnerability":"VCID-m4zv-e3dn-budf"},{"vulnerability":"VCID-mkfz-e1ft-2bcw"},{"vulnerability":"VCID-nntc-dsz1-e3fp"},{"vulnerability":"VCID-qhv1-wgpm-7fh6"},{"vulnerability":"VCID-r6kn-b963-eqge"},{"vulnerability":"VCID-s6uu-335k-yfbc"},{"vulnerability":"VCID-vb67-yux5-ayhf"},{"vulnerability":"VCID-vfp6-4h8n-bkax"},{"vulnerability":"VCID-w9ca-exua-g7ar"},{"vulnerability":"VCID-x7rg-rsb5-pya7"},{"vulnerability":"VCID-xmm4-zw49-3feh"},{"vulnerability":"VCID-y8up-cqtu-jkdw"},{"vulnerability":"VCID-yghg-775s-vber"},{"vulnerability":"VCID-zjrq-np3y-hua5"},{"vulnerability":"VCID-zwkk-zazw-6fgg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/62390?format=json","purl":"pkg:composer/moodle/moodle@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2s6b-tp6p-gue1"},{"vulnerability":"VCID-37pj-u3gh-n7fd"},{"vulnerability":"VCID-65y9-9ur2-pugc"},{"vulnerability":"VCID-83kb-4mk9-t7ge"},{"vulnerability":"VCID-a6pb-47tu-afcg"},{"vulnerability":"VCID-ajkr-fxa1-mkhk"},{"vulnerability":"VCID-an53-nu91-k3d7"},{"vulnerability":"VCID-bjnq-q2nd-1khp"},{"vulnerability":"VCID-duna-st9c-mqbk"},{"vulnerability":"VCID-eaqp-7abt-6kg9"},{"vulnerability":"VCID-eu27-a3px-87ed"},{"vulnerability":"VCID-fsex-f512-pudv"},{"vulnerability":"VCID-jcq6-btgz-fkf6"},{"vulnerability":"VCID-k1bh-ymgt-e7cd"},{"vulnerability":"VCID-k6pw-51st-b3d2"},{"vulnerability":"VCID-k73h-z6j8-gkgz"},{"vulnerability":"VCID-m3np-aebb-8qaa"},{"vulnerability":"VCID-m4zv-e3dn-budf"},{"vulnerability":"VCID-mkfz-e1ft-2bcw"},{"vulnerability":"VCID-nntc-dsz1-e3fp"},{"vulnerability":"VCID-qhv1-wgpm-7fh6"},{"vulnerability":"VCID-r6kn-b963-eqge"},{"vulnerability":"VCID-s6uu-335k-yfbc"},{"vulnerability":"VCID-vb67-yux5-ayhf"},{"vulnerability":"VCID-vfp6-4h8n-bkax"},{"vulnerability":"VCID-w9ca-exua-g7ar"},{"vulnerability":"VCID-x7rg-rsb5-pya7"},{"vulnerability":"VCID-xmm4-zw49-3feh"},{"vulnerability":"VCID-y8up-cqtu-jkdw"},{"vulnerability":"VCID-yghg-775s-vber"},{"vulnerability":"VCID-zjrq-np3y-hua5"},{"vulnerability":"VCID-zwkk-zazw-6fgg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2"}],"aliases":["CVE-2013-1832","GHSA-pgp5-rcwp-qvfg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vgxb-fkuj-9fgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43454?format=json","vulnerability_id":"VCID-yyug-rt71-yfds","summary":"Moodle Users Can Bypass Deleted Status\nThe webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28126","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28126"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=194016","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=194016"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0797","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34318","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0797"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=783532","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=783532"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/364622b4662d9f349f3701ed548cda2f31491fea","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/364622b4662d9f349f3701ed548cda2f31491fea"},{"reference_url":"https://github.com/moodle/moodle/commit/bbcde38b334ecbfa2a18b01b77a7e995b2c0d9f7","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/bbcde38b334ecbfa2a18b01b77a7e995b2c0d9f7"},{"reference_url":"https://github.com/moodle/moodle/commit/dbfa519ad9e4d33ac3a4cd506d606d56a2f0bbff","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/dbfa519ad9e4d33ac3a4cd506d606d56a2f0bbff"},{"reference_url":"https://github.com/moodle/moodle/commit/e922d9a90bab337b1082fbe28c352c18cae2580e","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/e922d9a90bab337b1082fbe28c352c18cae2580e"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-0797","reference_id":"CVE-2012-0797","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-0797"},{"reference_url":"https://github.com/advisories/GHSA-72gv-qqrp-h9qg","reference_id":"GHSA-72gv-qqrp-h9qg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-72gv-qqrp-h9qg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61519?format=json","purl":"pkg:composer/moodle/moodle@2.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cdk-8y5v-nba1"},{"vulnerability":"VCID-e2hb-w8g1-xbax"},{"vulnerability":"VCID-jbvt-9yy2-afb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/61521?format=json","purl":"pkg:composer/moodle/moodle@2.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cdk-8y5v-nba1"},{"vulnerability":"VCID-e2hb-w8g1-xbax"},{"vulnerability":"VCID-jbvt-9yy2-afb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.4"},{"url":"http://public2.vulnerablecode.io/api/packages/61523?format=json","purl":"pkg:composer/moodle/moodle@2.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cdk-8y5v-nba1"},{"vulnerability":"VCID-e2hb-w8g1-xbax"},{"vulnerability":"VCID-jbvt-9yy2-afb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.2.1"}],"aliases":["CVE-2012-0797","GHSA-72gv-qqrp-h9qg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yyug-rt71-yfds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43511?format=json","vulnerability_id":"VCID-zhfc-drsr-27ae","summary":"Moodle allows remote authenticated users to cause a denial of service (invalid database records)\nMoodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted comments operations.","references":[{"reference_url":"http://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=acb4688d29a7cc028803ee3d81edc7f1b6515c64","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=acb4688d29a7cc028803ee3d81edc7f1b6515c64"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=acb4688d29a7cc028803ee3d81edc7f1b6515c64","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=acb4688d29a7cc028803ee3d81edc7f1b6515c64"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=175594","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=175594"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4292","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68788","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4292"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4292","reference_id":"CVE-2011-4292","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4292"},{"reference_url":"https://github.com/advisories/GHSA-fhgh-fjh9-vq62","reference_id":"GHSA-fhgh-fjh9-vq62","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fhgh-fjh9-vq62"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62433?format=json","purl":"pkg:composer/moodle/moodle@2.0.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.3"}],"aliases":["CVE-2011-4292","GHSA-fhgh-fjh9-vq62"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhfc-drsr-27ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43421?format=json","vulnerability_id":"VCID-zvsh-te3w-qyec","summary":"Moodle vulnerable to Cross-Site Request Forgery\nMultiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x before 2.0.2 allow remote attackers to hijack the authentication of arbitrary users for requests that mark the completion of (1) an activity or (2) a course.","references":[{"reference_url":"http://git.moodle.org","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=9cedb80c5d6318aa17cd66912d37e6ef3dca9455","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=9cedb80c5d6318aa17cd66912d37e6ef3dca9455"},{"reference_url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=9cedb80c5d6318aa17cd66912d37e6ef3dca9455","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git;a=commit;h=9cedb80c5d6318aa17cd66912d37e6ef3dca9455"},{"reference_url":"http://moodle.org/mod/forum/discuss.php?d=170006","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://moodle.org/mod/forum/discuss.php?d=170006"},{"reference_url":"http://openwall.com/lists/oss-security/2011/11/14/1","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/11/14/1"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4281","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31407","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4281"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4281","reference_id":"CVE-2011-4281","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4281"},{"reference_url":"https://github.com/advisories/GHSA-m97f-x4mr-4x3q","reference_id":"GHSA-m97f-x4mr-4x3q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m97f-x4mr-4x3q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62050?format=json","purl":"pkg:composer/moodle/moodle@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.2"}],"aliases":["CVE-2011-4281","GHSA-m97f-x4mr-4x3q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zvsh-te3w-qyec"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.0"}