Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/moodle/moodle@3.9.24
Typecomposer
Namespacemoodle
Namemoodle
Version3.9.24
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.10.2
Latest_non_vulnerable_version5.1.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3898-265t-1yd5
vulnerability_id VCID-3898-265t-1yd5
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79509
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79509
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5544
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.38939
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5544
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243443
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2243443
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/5fec728be9df3c9fc282cd0897c73ca5cfcfea5f
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/5fec728be9df3c9fc282cd0897c73ca5cfcfea5f
5
reference_url https://moodle.org/mod/forum/discuss.php?d=451585
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=451585
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5544
reference_id CVE-2023-5544
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5544
7
reference_url https://github.com/advisories/GHSA-j5xf-gv89-g422
reference_id GHSA-j5xf-gv89-g422
reference_type
scores
url https://github.com/advisories/GHSA-j5xf-gv89-g422
fixed_packages
0
url pkg:composer/moodle/moodle@3.9.24
purl pkg:composer/moodle/moodle@3.9.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24
1
url pkg:composer/moodle/moodle@3.11.17
purl pkg:composer/moodle/moodle@3.11.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.17
2
url pkg:composer/moodle/moodle@4.0.11
purl pkg:composer/moodle/moodle@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11
3
url pkg:composer/moodle/moodle@4.1.6
purl pkg:composer/moodle/moodle@4.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6
4
url pkg:composer/moodle/moodle@4.2.3
purl pkg:composer/moodle/moodle@4.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3
5
url pkg:composer/moodle/moodle@4.3.0-rc2
purl pkg:composer/moodle/moodle@4.3.0-rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2
aliases CVE-2023-5544, GHSA-j5xf-gv89-g422
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3898-265t-1yd5
1
url VCID-3pgc-yptg-tuaa
vulnerability_id VCID-3pgc-yptg-tuaa
summary 
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability
H5P metadata automatically populated the author with the user's username, which could be sensitive information.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78820
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:58:29Z/
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78820
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5545
reference_id
reference_type
scores
0
value 0.00277
scoring_system epss
scoring_elements 0.51339
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5545
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243444
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:58:29Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2243444
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/100ac7c6467a7de2c05713a0a924984ff1593d53
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/100ac7c6467a7de2c05713a0a924984ff1593d53
5
reference_url https://moodle.org/mod/forum/discuss.php?d=451586
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:58:29Z/
url https://moodle.org/mod/forum/discuss.php?d=451586
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5545
reference_id CVE-2023-5545
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5545
7
reference_url https://github.com/advisories/GHSA-26fg-v32r-h663
reference_id GHSA-26fg-v32r-h663
reference_type
scores
url https://github.com/advisories/GHSA-26fg-v32r-h663
fixed_packages
0
url pkg:composer/moodle/moodle@3.9.24
purl pkg:composer/moodle/moodle@3.9.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24
1
url pkg:composer/moodle/moodle@3.11.17
purl pkg:composer/moodle/moodle@3.11.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.17
2
url pkg:composer/moodle/moodle@4.0.11
purl pkg:composer/moodle/moodle@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11
3
url pkg:composer/moodle/moodle@4.1.6
purl pkg:composer/moodle/moodle@4.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6
4
url pkg:composer/moodle/moodle@4.2.3
purl pkg:composer/moodle/moodle@4.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3
5
url pkg:composer/moodle/moodle@4.3.0-rc2
purl pkg:composer/moodle/moodle@4.3.0-rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2
aliases CVE-2023-5545, GHSA-26fg-v32r-h663
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3pgc-yptg-tuaa
2
url VCID-57pd-ath8-1yf9
vulnerability_id VCID-57pd-ath8-1yf9
summary 
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79408
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-03T18:23:49Z/
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79408
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5539
reference_id
reference_type
scores
0
value 0.022
scoring_system epss
scoring_elements 0.847
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5539
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243352
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-03T18:23:49Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2243352
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/ba974a4add981743b5a37c5bcc4714c62f6052ce
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ba974a4add981743b5a37c5bcc4714c62f6052ce
5
reference_url https://moodle.org/mod/forum/discuss.php?d=451580
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-03T18:23:49Z/
url https://moodle.org/mod/forum/discuss.php?d=451580
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5539
reference_id CVE-2023-5539
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5539
7
reference_url https://github.com/advisories/GHSA-3xxm-3g3c-w579
reference_id GHSA-3xxm-3g3c-w579
reference_type
scores
url https://github.com/advisories/GHSA-3xxm-3g3c-w579
fixed_packages
0
url pkg:composer/moodle/moodle@3.9.24
purl pkg:composer/moodle/moodle@3.9.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24
1
url pkg:composer/moodle/moodle@3.11.17
purl pkg:composer/moodle/moodle@3.11.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.17
2
url pkg:composer/moodle/moodle@4.0.11
purl pkg:composer/moodle/moodle@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11
3
url pkg:composer/moodle/moodle@4.1.6
purl pkg:composer/moodle/moodle@4.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6
4
url pkg:composer/moodle/moodle@4.2.3
purl pkg:composer/moodle/moodle@4.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3
5
url pkg:composer/moodle/moodle@4.3.0-rc2
purl pkg:composer/moodle/moodle@4.3.0-rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2
aliases CVE-2023-5539, GHSA-3xxm-3g3c-w579
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57pd-ath8-1yf9
3
url VCID-5v9k-wk4u-uuf9
vulnerability_id VCID-5v9k-wk4u-uuf9
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The course upload preview contained an XSS risk for users uploading unsafe data.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79455
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:25:11Z/
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79455
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5547
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.33706
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5547
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243447
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:25:11Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2243447
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/833e818f022cce8373922afaa0cc6c8726b6b079
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/833e818f022cce8373922afaa0cc6c8726b6b079
5
reference_url https://github.com/moodle/moodle/commit/ef67f43c67e00c271658e42fc2e9cbe5fc94a87e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ef67f43c67e00c271658e42fc2e9cbe5fc94a87e
6
reference_url https://moodle.org/mod/forum/discuss.php?d=451588
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:25:11Z/
url https://moodle.org/mod/forum/discuss.php?d=451588
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5547
reference_id CVE-2023-5547
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5547
8
reference_url https://github.com/advisories/GHSA-9gqp-3g28-w9xc
reference_id GHSA-9gqp-3g28-w9xc
reference_type
scores
url https://github.com/advisories/GHSA-9gqp-3g28-w9xc
fixed_packages
0
url pkg:composer/moodle/moodle@3.9.24
purl pkg:composer/moodle/moodle@3.9.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24
1
url pkg:composer/moodle/moodle@3.11.17
purl pkg:composer/moodle/moodle@3.11.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.17
2
url pkg:composer/moodle/moodle@4.0.11
purl pkg:composer/moodle/moodle@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11
3
url pkg:composer/moodle/moodle@4.1.6
purl pkg:composer/moodle/moodle@4.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6
4
url pkg:composer/moodle/moodle@4.2.3
purl pkg:composer/moodle/moodle@4.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3
5
url pkg:composer/moodle/moodle@4.3.0-rc2
purl pkg:composer/moodle/moodle@4.3.0-rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2
aliases CVE-2023-5547, GHSA-9gqp-3g28-w9xc
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5v9k-wk4u-uuf9
4
url VCID-9rv1-hn65-dbhe
vulnerability_id VCID-9rv1-hn65-dbhe
summary 
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79409
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-22T20:12:01Z/
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79409
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5540
reference_id
reference_type
scores
0
value 0.022
scoring_system epss
scoring_elements 0.847
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5540
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243432
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-22T20:12:01Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2243432
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/3400ae6510b11202aa9d86f7e75b3dff10d81522
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3400ae6510b11202aa9d86f7e75b3dff10d81522
5
reference_url https://moodle.org/mod/forum/discuss.php?d=451581
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-22T20:12:01Z/
url https://moodle.org/mod/forum/discuss.php?d=451581
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5540
reference_id CVE-2023-5540
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5540
7
reference_url https://github.com/advisories/GHSA-w8x2-w4qr-v3x4
reference_id GHSA-w8x2-w4qr-v3x4
reference_type
scores
url https://github.com/advisories/GHSA-w8x2-w4qr-v3x4
fixed_packages
0
url pkg:composer/moodle/moodle@3.9.24
purl pkg:composer/moodle/moodle@3.9.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24
1
url pkg:composer/moodle/moodle@3.11.17
purl pkg:composer/moodle/moodle@3.11.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.17
2
url pkg:composer/moodle/moodle@4.0.11
purl pkg:composer/moodle/moodle@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11
3
url pkg:composer/moodle/moodle@4.1.6
purl pkg:composer/moodle/moodle@4.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6
4
url pkg:composer/moodle/moodle@4.2.3
purl pkg:composer/moodle/moodle@4.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3
5
url pkg:composer/moodle/moodle@4.3.0-rc2
purl pkg:composer/moodle/moodle@4.3.0-rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2
aliases CVE-2023-5540, GHSA-w8x2-w4qr-v3x4
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9rv1-hn65-dbhe
5
url VCID-a8pk-18gr-mubw
vulnerability_id VCID-a8pk-18gr-mubw
summary 
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79310
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:23:28Z/
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79310
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5551
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.22185
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5551
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243453
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:23:28Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2243453
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/2bb6c551cf2e7be29857db35388911b8179394b0
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/2bb6c551cf2e7be29857db35388911b8179394b0
5
reference_url https://github.com/moodle/moodle/commit/6de45d2c9f7dd7b24210ab0310c296366a82986a
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/6de45d2c9f7dd7b24210ab0310c296366a82986a
6
reference_url https://github.com/moodle/moodle/commit/b91feb0b2328cdda2561d68b8dfe2a129190bc85
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/b91feb0b2328cdda2561d68b8dfe2a129190bc85
7
reference_url https://moodle.org/mod/forum/discuss.php?d=451592
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:23:28Z/
url https://moodle.org/mod/forum/discuss.php?d=451592
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5551
reference_id CVE-2023-5551
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5551
9
reference_url https://github.com/advisories/GHSA-jr83-8x65-xcr5
reference_id GHSA-jr83-8x65-xcr5
reference_type
scores
url https://github.com/advisories/GHSA-jr83-8x65-xcr5
fixed_packages
0
url pkg:composer/moodle/moodle@3.9.24
purl pkg:composer/moodle/moodle@3.9.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24
1
url pkg:composer/moodle/moodle@3.11.17
purl pkg:composer/moodle/moodle@3.11.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.17
2
url pkg:composer/moodle/moodle@4.0.11
purl pkg:composer/moodle/moodle@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11
3
url pkg:composer/moodle/moodle@4.1.6
purl pkg:composer/moodle/moodle@4.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6
4
url pkg:composer/moodle/moodle@4.2.3
purl pkg:composer/moodle/moodle@4.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3
5
url pkg:composer/moodle/moodle@4.3.0-rc2
purl pkg:composer/moodle/moodle@4.3.0-rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2
aliases CVE-2023-5551, GHSA-jr83-8x65-xcr5
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8pk-18gr-mubw
6
url VCID-cpxg-pzcj-73gn
vulnerability_id VCID-cpxg-pzcj-73gn
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79426
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T20:18:35Z/
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79426
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5541
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.33706
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5541
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243437
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T20:18:35Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2243437
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/f5f6ce375e37da902afb043c6b506129fc433233
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/f5f6ce375e37da902afb043c6b506129fc433233
5
reference_url https://moodle.org/mod/forum/discuss.php?d=451582
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T20:18:35Z/
url https://moodle.org/mod/forum/discuss.php?d=451582
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5541
reference_id CVE-2023-5541
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5541
7
reference_url https://github.com/advisories/GHSA-28gc-4qq5-8q26
reference_id GHSA-28gc-4qq5-8q26
reference_type
scores
url https://github.com/advisories/GHSA-28gc-4qq5-8q26
fixed_packages
0
url pkg:composer/moodle/moodle@3.9.24
purl pkg:composer/moodle/moodle@3.9.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24
1
url pkg:composer/moodle/moodle@3.11.17
purl pkg:composer/moodle/moodle@3.11.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.17
2
url pkg:composer/moodle/moodle@4.0.11
purl pkg:composer/moodle/moodle@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11
3
url pkg:composer/moodle/moodle@4.1.6
purl pkg:composer/moodle/moodle@4.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6
4
url pkg:composer/moodle/moodle@4.2.3
purl pkg:composer/moodle/moodle@4.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3
5
url pkg:composer/moodle/moodle@4.3.0-rc2
purl pkg:composer/moodle/moodle@4.3.0-rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2
aliases CVE-2023-5541, GHSA-28gc-4qq5-8q26
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cpxg-pzcj-73gn
7
url VCID-fb4d-p8pw-yka4
vulnerability_id VCID-fb4d-p8pw-yka4
summary 
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72249
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T19:58:39Z/
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72249
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5550
reference_id
reference_type
scores
0
value 0.01474
scoring_system epss
scoring_elements 0.81264
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5550
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243452
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T19:58:39Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2243452
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/77766f9c8af8fc8d861d7ac09ce4e1f6e72faca7
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/77766f9c8af8fc8d861d7ac09ce4e1f6e72faca7
5
reference_url https://moodle.org/mod/forum/discuss.php?d=451591
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T19:58:39Z/
url https://moodle.org/mod/forum/discuss.php?d=451591
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5550
reference_id CVE-2023-5550
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5550
7
reference_url https://github.com/advisories/GHSA-5cvx-cwpx-9rjh
reference_id GHSA-5cvx-cwpx-9rjh
reference_type
scores
url https://github.com/advisories/GHSA-5cvx-cwpx-9rjh
fixed_packages
0
url pkg:composer/moodle/moodle@3.9.24
purl pkg:composer/moodle/moodle@3.9.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24
1
url pkg:composer/moodle/moodle@3.11.17
purl pkg:composer/moodle/moodle@3.11.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.17
2
url pkg:composer/moodle/moodle@4.0.11
purl pkg:composer/moodle/moodle@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11
3
url pkg:composer/moodle/moodle@4.1.6
purl pkg:composer/moodle/moodle@4.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6
4
url pkg:composer/moodle/moodle@4.2.3
purl pkg:composer/moodle/moodle@4.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3
5
url pkg:composer/moodle/moodle@4.3.0-rc2
purl pkg:composer/moodle/moodle@4.3.0-rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2
aliases CVE-2023-5550, GHSA-5cvx-cwpx-9rjh
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fb4d-p8pw-yka4
8
url VCID-gqwn-qskg-qbc7
vulnerability_id VCID-gqwn-qskg-qbc7
summary 
Moodle Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability
Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77846
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77846
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5548
reference_id
reference_type
scores
0
value 0.00277
scoring_system epss
scoring_elements 0.51338
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5548
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243449
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2243449
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/7679452caff6faa33f00d3f0589c5190bc01a933
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/7679452caff6faa33f00d3f0589c5190bc01a933
5
reference_url https://moodle.org/mod/forum/discuss.php?d=451589
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=451589
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5548
reference_id CVE-2023-5548
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5548
7
reference_url https://github.com/advisories/GHSA-cwh2-q44x-5w3c
reference_id GHSA-cwh2-q44x-5w3c
reference_type
scores
url https://github.com/advisories/GHSA-cwh2-q44x-5w3c
fixed_packages
0
url pkg:composer/moodle/moodle@3.9.24
purl pkg:composer/moodle/moodle@3.9.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24
1
url pkg:composer/moodle/moodle@3.11.17
purl pkg:composer/moodle/moodle@3.11.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.17
2
url pkg:composer/moodle/moodle@4.0.11
purl pkg:composer/moodle/moodle@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11
3
url pkg:composer/moodle/moodle@4.1.6
purl pkg:composer/moodle/moodle@4.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6
4
url pkg:composer/moodle/moodle@4.2.3
purl pkg:composer/moodle/moodle@4.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3
5
url pkg:composer/moodle/moodle@4.3.0-rc2
purl pkg:composer/moodle/moodle@4.3.0-rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2
aliases CVE-2023-5548, GHSA-cwh2-q44x-5w3c
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqwn-qskg-qbc7
9
url VCID-p9vn-r312-1beg
vulnerability_id VCID-p9vn-r312-1beg
summary 
Moodle Improper Access Control vulnerability
Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they does not have the capability to manage.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-66730
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:16:10Z/
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-66730
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5549
reference_id
reference_type
scores
0
value 0.00256
scoring_system epss
scoring_elements 0.49143
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5549
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243451
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:16:10Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2243451
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/5a765e124c950b1e4313c9bf96ea2dd194f65c75
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/5a765e124c950b1e4313c9bf96ea2dd194f65c75
5
reference_url https://moodle.org/mod/forum/discuss.php?d=451590
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:16:10Z/
url https://moodle.org/mod/forum/discuss.php?d=451590
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5549
reference_id CVE-2023-5549
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5549
7
reference_url https://github.com/advisories/GHSA-fm5h-58g2-4m3f
reference_id GHSA-fm5h-58g2-4m3f
reference_type
scores
url https://github.com/advisories/GHSA-fm5h-58g2-4m3f
fixed_packages
0
url pkg:composer/moodle/moodle@3.9.24
purl pkg:composer/moodle/moodle@3.9.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24
1
url pkg:composer/moodle/moodle@3.11.17
purl pkg:composer/moodle/moodle@3.11.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.17
2
url pkg:composer/moodle/moodle@4.0.11
purl pkg:composer/moodle/moodle@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11
3
url pkg:composer/moodle/moodle@4.1.6
purl pkg:composer/moodle/moodle@4.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6
4
url pkg:composer/moodle/moodle@4.2.3
purl pkg:composer/moodle/moodle@4.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3
5
url pkg:composer/moodle/moodle@4.3.0-rc2
purl pkg:composer/moodle/moodle@4.3.0-rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2
aliases CVE-2023-5549, GHSA-fm5h-58g2-4m3f
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9vn-r312-1beg
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.24