{"url":"http://public2.vulnerablecode.io/api/packages/68993?format=json","purl":"pkg:composer/moodle/moodle@4.3.3","type":"composer","namespace":"moodle","name":"moodle","version":"4.3.3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.5.9","latest_non_vulnerable_version":"5.1.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57182?format=json","vulnerability_id":"VCID-17k8-g4xw-b7g9","summary":"Moodle allows IDOR when accessing the cohorts report\nA flaw was discovered in Moodle. Additional checks were required to ensure that users can only access cohort data they are authorized to retrieve.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3647","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26664","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3647"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359762","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:45Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359762"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/bd6ec0ac84cf0f73ab35e7e244e1f9b06929083a","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/bd6ec0ac84cf0f73ab35e7e244e1f9b06929083a"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467607","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:45Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=467607"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3647","reference_id":"CVE-2025-3647","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:45Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3647"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3647","reference_id":"CVE-2025-3647","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3647"},{"reference_url":"https://github.com/advisories/GHSA-34g7-pg9j-pxgp","reference_id":"GHSA-34g7-pg9j-pxgp","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-34g7-pg9j-pxgp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3647","GHSA-34g7-pg9j-pxgp"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-17k8-g4xw-b7g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48125?format=json","vulnerability_id":"VCID-1efm-18zh-w7gm","summary":"Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62400","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18843","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62400"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404433","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:48:02Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404433"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/0c70d67059658879a71152ea075c74154a627d05","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/0c70d67059658879a71152ea075c74154a627d05"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=470389","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=470389"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-62400","reference_id":"CVE-2025-62400","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:48:02Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-62400"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62400","reference_id":"CVE-2025-62400","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62400"},{"reference_url":"https://github.com/advisories/GHSA-422v-w6c5-vq42","reference_id":"GHSA-422v-w6c5-vq42","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-422v-w6c5-vq42"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/71069?format=json","purl":"pkg:composer/moodle/moodle@4.4.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.11"},{"url":"http://public2.vulnerablecode.io/api/packages/71068?format=json","purl":"pkg:composer/moodle/moodle@4.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/71064?format=json","purl":"pkg:composer/moodle/moodle@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.3"}],"aliases":["CVE-2025-62400","GHSA-422v-w6c5-vq42"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1efm-18zh-w7gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57186?format=json","vulnerability_id":"VCID-1wup-hjxg-f7g4","summary":"Moodle shows hidden grades to users without permission on some grade reports\nA flaw has been identified in Moodle where insufficient capability checks in certain grade reports allowed users without the necessary permissions to access hidden grades.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81945","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81945"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32045","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35919","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32045"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356835","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:37:20Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356835"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467086","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=467086"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-32045","reference_id":"CVE-2025-32045","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:37:20Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-32045"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32045","reference_id":"CVE-2025-32045","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32045"},{"reference_url":"https://github.com/advisories/GHSA-8m7c-hm88-2p97","reference_id":"GHSA-8m7c-hm88-2p97","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8m7c-hm88-2p97"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84929?format=json","purl":"pkg:composer/moodle/moodle@4.3.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.11"},{"url":"http://public2.vulnerablecode.io/api/packages/84930?format=json","purl":"pkg:composer/moodle/moodle@4.4.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.7"},{"url":"http://public2.vulnerablecode.io/api/packages/84931?format=json","purl":"pkg:composer/moodle/moodle@4.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wjby-arfq-buby"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.3"}],"aliases":["CVE-2025-32045","GHSA-8m7c-hm88-2p97"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1wup-hjxg-f7g4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56155?format=json","vulnerability_id":"VCID-21mq-pewz-ekdt","summary":"Moodle Cross-site Scripting vulnerability\nA flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81394","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81394"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43437","reference_id":"","reference_type":"","scores":[{"value":"0.01529","scoring_system":"epss","scoring_elements":"0.81662","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43437"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304266","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-11T14:28:15Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304266"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461207","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-11T14:28:15Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461207"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43437","reference_id":"CVE-2024-43437","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43437"},{"reference_url":"https://github.com/advisories/GHSA-4hjf-6pxr-549h","reference_id":"GHSA-4hjf-6pxr-549h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4hjf-6pxr-549h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43437","GHSA-4hjf-6pxr-549h"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-21mq-pewz-ekdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57183?format=json","vulnerability_id":"VCID-29mv-feyq-guew","summary":"Moodle has a CSRF risk in user tours manager that allows tour duplication\nA security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to log in due to a lack of protection against cross-site request forgery (CSRF) attacks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3635","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.3457","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3635"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359709","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:11Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359709"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/dbd723f81c07423d4082d54cd1d90b1b68c44379","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/dbd723f81c07423d4082d54cd1d90b1b68c44379"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467597","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=467597"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3635","reference_id":"CVE-2025-3635","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:11Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3635"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3635","reference_id":"CVE-2025-3635","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3635"},{"reference_url":"https://github.com/advisories/GHSA-88xj-97gf-7wpq","reference_id":"GHSA-88xj-97gf-7wpq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-88xj-97gf-7wpq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3635","GHSA-88xj-97gf-7wpq"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29mv-feyq-guew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56246?format=json","vulnerability_id":"VCID-2urf-d2qr-abdy","summary":"Moodle Lesson activity password bypass through PHP loose comparison\nA flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to \"magic hash\" values.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45691","reference_id":"","reference_type":"","scores":[{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.60204","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45691"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309940","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T19:17:16Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309940"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/3fc1073d304f660d2552b591c5fb92547ed01e92","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/3fc1073d304f660d2552b591c5fb92547ed01e92"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461897#p1854494","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=461897#p1854494"},{"reference_url":"https://moodle.org/security","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/security"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45691","reference_id":"CVE-2024-45691","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45691"},{"reference_url":"https://github.com/advisories/GHSA-xfv7-h2qg-rjm7","reference_id":"GHSA-xfv7-h2qg-rjm7","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xfv7-h2qg-rjm7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83315?format=json","purl":"pkg:composer/moodle/moodle@4.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/83316?format=json","purl":"pkg:composer/moodle/moodle@4.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.3"}],"aliases":["CVE-2024-45691","GHSA-xfv7-h2qg-rjm7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2urf-d2qr-abdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56157?format=json","vulnerability_id":"VCID-2wsu-7rzh-h7cs","summary":"Moodle has user information visibility control issues in gradebook reports\nA flaw was found in moodle. Some hidden user profile fields are visible in gradebook reports, which could result in users without the \"view hidden user fields\" capability having access to the information.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79541","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79541"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43429","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53232","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43429"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304257","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:15:16Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304257"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461197","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:15:16Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461197"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43429","reference_id":"CVE-2024-43429","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43429"},{"reference_url":"https://github.com/advisories/GHSA-c767-4whh-v7rw","reference_id":"GHSA-c767-4whh-v7rw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-c767-4whh-v7rw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43429","GHSA-c767-4whh-v7rw"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2wsu-7rzh-h7cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55389?format=json","vulnerability_id":"VCID-3nu2-1cwj-sfdd","summary":"Moodle BigBlueButton web service leaks meeting joining information\nInsufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38273","reference_id":"","reference_type":"","scores":[{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.4198","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38273"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/500cec575731fd8575569dcb5811535751dddae1","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/500cec575731fd8575569dcb5811535751dddae1"},{"reference_url":"https://github.com/moodle/moodle/commit/647b9dc06409211018c9f28581504d096ce9e3a8","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/647b9dc06409211018c9f28581504d096ce9e3a8"},{"reference_url":"https://github.com/moodle/moodle/commit/6c0645ca29b195b5caaffc27d80f2ff715c33a48","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/6c0645ca29b195b5caaffc27d80f2ff715c33a48"},{"reference_url":"https://github.com/moodle/moodle/commit/a10506b8d70609478fef156d489e0c7d727b6098","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/a10506b8d70609478fef156d489e0c7d727b6098"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=459498","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T18:54:37Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=459498"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38273","reference_id":"CVE-2024-38273","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38273"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/","reference_id":"F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T18:54:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/"},{"reference_url":"https://github.com/advisories/GHSA-x29x-qwvx-fxr2","reference_id":"GHSA-x29x-qwvx-fxr2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x29x-qwvx-fxr2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/","reference_id":"GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T18:54:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81883?format=json","purl":"pkg:composer/moodle/moodle@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/81882?format=json","purl":"pkg:composer/moodle/moodle@4.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-edb5-zwa3-mfam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1"}],"aliases":["CVE-2024-38273","GHSA-x29x-qwvx-fxr2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nu2-1cwj-sfdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56163?format=json","vulnerability_id":"VCID-3nvq-s7y5-fufr","summary":"Moodle reflected XSS via H5P error message\nA flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43439","reference_id":"","reference_type":"","scores":[{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.80023","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43439"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304268","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:50:51Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304268"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/c7d9026715a107ee16b9f9b2134ed4e6f667af99","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/c7d9026715a107ee16b9f9b2134ed4e6f667af99"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461209","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:50:51Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461209"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43439","reference_id":"CVE-2024-43439","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43439"},{"reference_url":"https://github.com/advisories/GHSA-hjgc-jxjc-8v9j","reference_id":"GHSA-hjgc-jxjc-8v9j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hjgc-jxjc-8v9j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43439","GHSA-hjgc-jxjc-8v9j"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nvq-s7y5-fufr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57192?format=json","vulnerability_id":"VCID-3yre-ft3n-2fd3","summary":"Moodle has an IDOR in messaging web service which allows access to some user details\nA flaw was found in Moodle. Insufficient capability checks in a messaging web service allowed users to view other users' names and online statuses.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3645","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26664","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3645"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359761","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:48Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359761"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/2fd810c8981f9b10087467a3b8fce779b157200f","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/2fd810c8981f9b10087467a3b8fce779b157200f"},{"reference_url":"https://github.com/moodle/moodle/commit/a8179842b450659c288f284e06361a4fbab8742a","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/a8179842b450659c288f284e06361a4fbab8742a"},{"reference_url":"https://github.com/moodle/moodle/commit/bb65effe41524d8373c1dc499c3323ac469ea558","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/bb65effe41524d8373c1dc499c3323ac469ea558"},{"reference_url":"https://github.com/search?q=repo%3Amoodle%2Fmoodle+MDL-72704&type=commits","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/search?q=repo%3Amoodle%2Fmoodle+MDL-72704&type=commits"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467606","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:48Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=467606"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3645","reference_id":"CVE-2025-3645","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:48Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3645"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3645","reference_id":"CVE-2025-3645","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3645"},{"reference_url":"https://github.com/advisories/GHSA-pj96-xh2w-fgqx","reference_id":"GHSA-pj96-xh2w-fgqx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-pj96-xh2w-fgqx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3645","GHSA-pj96-xh2w-fgqx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3yre-ft3n-2fd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55140?format=json","vulnerability_id":"VCID-5ba5-pee7-6kh1","summary":"Moodle stored Cross-site Scripting (XSS)\nAdditional sanitizing was required when opening the equation editor to prevent a stored Cross-site Scripting (XSS) risk when editing another user's equation.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81352","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81352"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33997","reference_id":"","reference_type":"","scores":[{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77333","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33997"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/25b1b643c873f6d83ae61903012896b2811fa3bb","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/25b1b643c873f6d83ae61903012896b2811fa3bb"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458385","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T16:36:59Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458385"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33997","reference_id":"CVE-2024-33997","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33997"},{"reference_url":"https://github.com/advisories/GHSA-9qgq-93c7-9hm4","reference_id":"GHSA-9qgq-93c7-9hm4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9qgq-93c7-9hm4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-33997","GHSA-9qgq-93c7-9hm4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ba5-pee7-6kh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55143?format=json","vulnerability_id":"VCID-5s33-v19s-sqd6","summary":"Moodle Cross-site Scripting (XSS)\nID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81062","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81062"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34000","reference_id":"","reference_type":"","scores":[{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51641","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34000"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/4c966677de06bff56d46d55c419049f78e70f017","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/4c966677de06bff56d46d55c419049f78e70f017"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458388","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-07T16:24:48Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458388"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34000","reference_id":"CVE-2024-34000","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34000"},{"reference_url":"https://github.com/advisories/GHSA-8qwh-4vwv-7c5m","reference_id":"GHSA-8qwh-4vwv-7c5m","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8qwh-4vwv-7c5m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-34000","GHSA-8qwh-4vwv-7c5m"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5s33-v19s-sqd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50291?format=json","vulnerability_id":"VCID-657g-68tv-dkam","summary":"Moodle TeX formula editor is vulnerable to DoS through lack of execution time limits\nA Denial of Service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26047","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.262","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26047"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440905","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-23T19:29:50Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440905"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/8683b4a04939332e353cad1be51222930dc40b2c","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/8683b4a04939332e353cad1be51222930dc40b2c"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=473316","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=473316"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-26047","reference_id":"CVE-2026-26047","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-23T19:29:50Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-26047"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26047","reference_id":"CVE-2026-26047","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26047"},{"reference_url":"https://github.com/advisories/GHSA-cg8j-5cr2-568q","reference_id":"GHSA-cg8j-5cr2-568q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cg8j-5cr2-568q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74185?format=json","purl":"pkg:composer/moodle/moodle@4.5.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/74184?format=json","purl":"pkg:composer/moodle/moodle@5.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/74183?format=json","purl":"pkg:composer/moodle/moodle@5.1.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.2"}],"aliases":["CVE-2026-26047","GHSA-cg8j-5cr2-568q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-657g-68tv-dkam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56707?format=json","vulnerability_id":"VCID-6cvg-r9am-wbh5","summary":"Moodle has a SQL injection risk in course search module list filter\nAn SQL injection risk was identified in the module list filter within course search.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84271","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:35:13Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84271"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26533","reference_id":"","reference_type":"","scores":[{"value":"0.00402","scoring_system":"epss","scoring_elements":"0.61178","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26533"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/1310e64699807ead6c38ee89354ac57c503c2836","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/1310e64699807ead6c38ee89354ac57c503c2836"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=466150","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:35:13Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=466150"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26533","reference_id":"CVE-2025-26533","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26533"},{"reference_url":"https://github.com/advisories/GHSA-rg56-94j7-hjx9","reference_id":"GHSA-rg56-94j7-hjx9","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rg56-94j7-hjx9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84179?format=json","purl":"pkg:composer/moodle/moodle@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/84178?format=json","purl":"pkg:composer/moodle/moodle@4.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/84177?format=json","purl":"pkg:composer/moodle/moodle@4.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rgq5-458d-1fhg"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wjby-arfq-buby"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2"}],"aliases":["CVE-2025-26533","GHSA-rg56-94j7-hjx9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6cvg-r9am-wbh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56162?format=json","vulnerability_id":"VCID-6p1s-2r14-z7ax","summary":"Moodle admin presets export tool includes some secrets that should not be exported\nA flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are not being excluded from the export, which could result in them unintentionally being leaked if the presets are shared with a third party.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79373","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79373"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43427","reference_id":"","reference_type":"","scores":[{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70757","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43427"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304255","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:02:44Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304255"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461195","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:02:44Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461195"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43427","reference_id":"CVE-2024-43427","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43427"},{"reference_url":"https://github.com/advisories/GHSA-vpq5-56jj-vf2m","reference_id":"GHSA-vpq5-56jj-vf2m","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vpq5-56jj-vf2m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43427","GHSA-vpq5-56jj-vf2m"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6p1s-2r14-z7ax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56148?format=json","vulnerability_id":"VCID-7p54-yn8k-aydw","summary":"Moodle Remote Code Execution vulnerability\nA flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82576","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82576"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43425","reference_id":"","reference_type":"","scores":[{"value":"0.88917","scoring_system":"epss","scoring_elements":"0.99541","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43425"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304253","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:20Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304253"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461193","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:20Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461193"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52350.py","reference_id":"CVE-2024-43425","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52350.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43425","reference_id":"CVE-2024-43425","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43425"},{"reference_url":"https://github.com/advisories/GHSA-v6f4-v8h8-3c87","reference_id":"GHSA-v6f4-v8h8-3c87","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v6f4-v8h8-3c87"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43425","GHSA-v6f4-v8h8-3c87"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7p54-yn8k-aydw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48126?format=json","vulnerability_id":"VCID-7trf-g8dq-tua1","summary":"Moodle has a time restriction bypass\nAn issue in Moodle's timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62401","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12997","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62401"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404434","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:38:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404434"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/78a3fe6c618676dfc53ea538abbfe35e60674eeb","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/78a3fe6c618676dfc53ea538abbfe35e60674eeb"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=470390","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=470390"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-62401","reference_id":"CVE-2025-62401","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:38:17Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-62401"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62401","reference_id":"CVE-2025-62401","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62401"},{"reference_url":"https://github.com/advisories/GHSA-w29j-8phw-ffjf","reference_id":"GHSA-w29j-8phw-ffjf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w29j-8phw-ffjf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/71069?format=json","purl":"pkg:composer/moodle/moodle@4.4.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.11"},{"url":"http://public2.vulnerablecode.io/api/packages/71068?format=json","purl":"pkg:composer/moodle/moodle@4.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/71064?format=json","purl":"pkg:composer/moodle/moodle@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.3"}],"aliases":["CVE-2025-62401","GHSA-w29j-8phw-ffjf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7trf-g8dq-tua1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55149?format=json","vulnerability_id":"VCID-84hx-be7m-pfa1","summary":"Moodle Logout CSRF in admin/tool/mfa/auth.php\nThe logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80877","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80877"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34007","reference_id":"","reference_type":"","scores":[{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.72173","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34007"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458396","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-21T19:13:49Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458396"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34007","reference_id":"CVE-2024-34007","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34007"},{"reference_url":"https://github.com/advisories/GHSA-8g5h-gjwq-w5ch","reference_id":"GHSA-8g5h-gjwq-w5ch","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8g5h-gjwq-w5ch"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-34007","GHSA-8g5h-gjwq-w5ch"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84hx-be7m-pfa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55137?format=json","vulnerability_id":"VCID-893t-9cja-43g2","summary":"Moodle Unsanitized HTML in site log for config_log_created\nThe site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being rendered.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80585","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80585"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34006","reference_id":"","reference_type":"","scores":[{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62548","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34006"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/cd85e090f3feb06e6eff65d1499a67353d82d3cb","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/cd85e090f3feb06e6eff65d1499a67353d82d3cb"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458395","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T15:10:13Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458395"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34006","reference_id":"CVE-2024-34006","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34006"},{"reference_url":"https://github.com/advisories/GHSA-vvh5-7v3m-j3mj","reference_id":"GHSA-vvh5-7v3m-j3mj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vvh5-7v3m-j3mj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-34006","GHSA-vvh5-7v3m-j3mj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-893t-9cja-43g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56705?format=json","vulnerability_id":"VCID-8uah-srba-6ubb","summary":"Moodle has an IDOR in badges allows disabling of arbitrary badges\nInsufficient capability checks made it possible to disable badges a user does not have permission to access.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84239","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:19:42Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84239"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26531","reference_id":"","reference_type":"","scores":[{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57372","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26531"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=466148","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:19:42Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=466148"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26531","reference_id":"CVE-2025-26531","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26531"},{"reference_url":"https://github.com/advisories/GHSA-g88w-v4cq-qgcp","reference_id":"GHSA-g88w-v4cq-qgcp","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g88w-v4cq-qgcp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84179?format=json","purl":"pkg:composer/moodle/moodle@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/84178?format=json","purl":"pkg:composer/moodle/moodle@4.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/84177?format=json","purl":"pkg:composer/moodle/moodle@4.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rgq5-458d-1fhg"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wjby-arfq-buby"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2"}],"aliases":["CVE-2025-26531","GHSA-g88w-v4cq-qgcp"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8uah-srba-6ubb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56244?format=json","vulnerability_id":"VCID-9rqr-xzr8-5fgf","summary":"Moodle allows users to retrieve information they did not have permission to access\nA flaw was found in Moodle. Dynamic tables did not enforce capability checks, which resulted in users having the ability to retrieve information they did not have permission to access.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45689","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31459","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309941","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T19:17:47Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309941"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/bb466df202a4b4a692006298f93cbba20566949c","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/bb466df202a4b4a692006298f93cbba20566949c"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461894#p1854491","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=461894#p1854491"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45689","reference_id":"CVE-2024-45689","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45689"},{"reference_url":"https://github.com/advisories/GHSA-j822-x5gg-5r56","reference_id":"GHSA-j822-x5gg-5r56","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j822-x5gg-5r56"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83315?format=json","purl":"pkg:composer/moodle/moodle@4.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/83316?format=json","purl":"pkg:composer/moodle/moodle@4.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.3"}],"aliases":["CVE-2024-45689","GHSA-j822-x5gg-5r56"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9rqr-xzr8-5fgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56233?format=json","vulnerability_id":"VCID-9xk9-qb9x-jfcs","summary":"Moodle leaks user names\nA vulnerability was found in Moodle. It is possible for users with the \"send message\" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-48896","reference_id":"","reference_type":"","scores":[{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54503","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-48896"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318822","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-18T14:57:51Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318822"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-48896","reference_id":"CVE-2024-48896","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-48896"},{"reference_url":"https://github.com/advisories/GHSA-cq5f-wv7p-5gfc","reference_id":"GHSA-cq5f-wv7p-5gfc","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cq5f-wv7p-5gfc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83283?format=json","purl":"pkg:composer/moodle/moodle@4.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/83248?format=json","purl":"pkg:composer/moodle/moodle@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4"}],"aliases":["CVE-2024-48896","GHSA-cq5f-wv7p-5gfc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9xk9-qb9x-jfcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56711?format=json","vulnerability_id":"VCID-a1ek-x154-5ydy","summary":"Moodle has an arbitrary file read risk through pdfTeX\nInsufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available (such as\nthose with TeX Live installed).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26525","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.438","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26525"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84136","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:59:34Z/"}],"url":"https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84136"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=466141","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:59:34Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=466141"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26525","reference_id":"CVE-2025-26525","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26525"},{"reference_url":"https://github.com/advisories/GHSA-4hmr-39vp-xfrr","reference_id":"GHSA-4hmr-39vp-xfrr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4hmr-39vp-xfrr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84179?format=json","purl":"pkg:composer/moodle/moodle@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/84178?format=json","purl":"pkg:composer/moodle/moodle@4.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/84177?format=json","purl":"pkg:composer/moodle/moodle@4.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rgq5-458d-1fhg"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wjby-arfq-buby"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2"}],"aliases":["CVE-2025-26525","GHSA-4hmr-39vp-xfrr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a1ek-x154-5ydy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55390?format=json","vulnerability_id":"VCID-ajrr-8392-kkcw","summary":"Moodle CSRF risks due to misuse of confirm_sesskey\nIncorrect CSRF token checks resulted in multiple CSRF risks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38276","reference_id":"","reference_type":"","scores":[{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50527","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38276"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/093aedf79889114d004495f05969168b646b0285","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/093aedf79889114d004495f05969168b646b0285"},{"reference_url":"https://github.com/moodle/moodle/commit/137d311fd1354c679b974633512a771e6e0559a1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/137d311fd1354c679b974633512a771e6e0559a1"},{"reference_url":"https://github.com/moodle/moodle/commit/30fadc3686fa7490860a0bd87a29636139dfb371","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/30fadc3686fa7490860a0bd87a29636139dfb371"},{"reference_url":"https://github.com/moodle/moodle/commit/31ced0851189a6879e4cd27c7e65d21dd9d6e87e","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/31ced0851189a6879e4cd27c7e65d21dd9d6e87e"},{"reference_url":"https://github.com/moodle/moodle/commit/57f20b6cb352893871c3afdfa8a4c09a96e16764","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/57f20b6cb352893871c3afdfa8a4c09a96e16764"},{"reference_url":"https://github.com/moodle/moodle/commit/756090ed79aa056d0b5f58e7a1dff67f139f76b4","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/756090ed79aa056d0b5f58e7a1dff67f139f76b4"},{"reference_url":"https://github.com/moodle/moodle/commit/9af9711c0a78ebad87d49bcb369ff813bc57d0a7","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/9af9711c0a78ebad87d49bcb369ff813bc57d0a7"},{"reference_url":"https://github.com/moodle/moodle/commit/a0d8c025f732d5c18a2b9d1a8e5cbee35dce86f4","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/a0d8c025f732d5c18a2b9d1a8e5cbee35dce86f4"},{"reference_url":"https://github.com/moodle/moodle/commit/c18b59808cefe7b54c85dce6bf2cc71601080667","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/c18b59808cefe7b54c85dce6bf2cc71601080667"},{"reference_url":"https://github.com/moodle/moodle/commit/c1aacb3e2884ea4dcc221c5ef2e449ce345f78ae","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/c1aacb3e2884ea4dcc221c5ef2e449ce345f78ae"},{"reference_url":"https://github.com/moodle/moodle/commit/c5b1604e8136db6d72057dd8052955058489206c","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/c5b1604e8136db6d72057dd8052955058489206c"},{"reference_url":"https://github.com/moodle/moodle/commit/da8e8cee6ffaf7c184eded97e1016f20c9de0561","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/da8e8cee6ffaf7c184eded97e1016f20c9de0561"},{"reference_url":"https://github.com/moodle/moodle/commit/dc84fcfab06a4a0fe37797b8422e9fe3a1031c3e","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/dc84fcfab06a4a0fe37797b8422e9fe3a1031c3e"},{"reference_url":"https://github.com/moodle/moodle/commit/e1dab5f38166a2ff62983178f7bf8f0ed3a61090","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/e1dab5f38166a2ff62983178f7bf8f0ed3a61090"},{"reference_url":"https://github.com/moodle/moodle/commit/e23f603c41055ab92f9b430cf0e7a54b4e120f95","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/e23f603c41055ab92f9b430cf0e7a54b4e120f95"},{"reference_url":"https://github.com/moodle/moodle/commit/f2807dee5bc777d9c58b7a70cba6e4c21ee02ea1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/f2807dee5bc777d9c58b7a70cba6e4c21ee02ea1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=459501","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T17:33:38Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=459501"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38276","reference_id":"CVE-2024-38276","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38276"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/","reference_id":"F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T17:33:38Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/"},{"reference_url":"https://github.com/advisories/GHSA-356g-7x36-7m34","reference_id":"GHSA-356g-7x36-7m34","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-356g-7x36-7m34"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/","reference_id":"GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T17:33:38Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81883?format=json","purl":"pkg:composer/moodle/moodle@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/81882?format=json","purl":"pkg:composer/moodle/moodle@4.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-edb5-zwa3-mfam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1"}],"aliases":["CVE-2024-38276","GHSA-356g-7x36-7m34"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ajrr-8392-kkcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55135?format=json","vulnerability_id":"VCID-b3vw-8hzh-dybx","summary":"Moodle Authenticated LFI risk in some misconfigured shared hosting environments\nIn a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore database activity modules and direct access to the web server outside of the Moodle webroot could execute a local file include.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34005","reference_id":"","reference_type":"","scores":[{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.6377","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34005"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/ffa045e09912349ed08d6591ec84cb83e57235cc","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/ffa045e09912349ed08d6591ec84cb83e57235cc"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458394","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T19:36:05Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458394"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34005","reference_id":"CVE-2024-34005","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34005"},{"reference_url":"https://github.com/advisories/GHSA-r99q-hmqv-xw8w","reference_id":"GHSA-r99q-hmqv-xw8w","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r99q-hmqv-xw8w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-34005","GHSA-r99q-hmqv-xw8w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b3vw-8hzh-dybx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56159?format=json","vulnerability_id":"VCID-cjvx-m4xg-p7hb","summary":"Moodle's user/power level management inconsistent with suspended users\nA flaw was found in moodle. Matrix room membership and power levels are incorrectly applied and revoked for suspended Moodle users.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81951","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81951"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43433","reference_id":"","reference_type":"","scores":[{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.6283","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43433"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304261","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:02:57Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304261"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461202","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:02:57Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461202"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43433","reference_id":"CVE-2024-43433","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43433"},{"reference_url":"https://github.com/advisories/GHSA-q99x-mjmh-v8w7","reference_id":"GHSA-q99x-mjmh-v8w7","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-q99x-mjmh-v8w7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43433","GHSA-q99x-mjmh-v8w7"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cjvx-m4xg-p7hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56160?format=json","vulnerability_id":"VCID-d92c-j4yy-fud3","summary":"Moodle authorization headers preserved between \"emulated redirects\"\nA flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82136","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82136"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43432","reference_id":"","reference_type":"","scores":[{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56755","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43432"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304260","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:06:57Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304260"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461200","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:06:57Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461200"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43432","reference_id":"CVE-2024-43432","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43432"},{"reference_url":"https://github.com/advisories/GHSA-7wmp-2xmx-g6h8","reference_id":"GHSA-7wmp-2xmx-g6h8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7wmp-2xmx-g6h8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43432","GHSA-7wmp-2xmx-g6h8"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d92c-j4yy-fud3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57198?format=json","vulnerability_id":"VCID-dky9-v96e-pubh","summary":"Moodle has an authenticated remote code execution risk in the Moodle LMS Dropbox repository\nA flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3641","reference_id":"","reference_type":"","scores":[{"value":"0.00667","scoring_system":"epss","scoring_elements":"0.71699","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3641"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359735","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:41Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359735"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/27b839b5c60389623ca8e3496792b43a44527cd6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/27b839b5c60389623ca8e3496792b43a44527cd6"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467602","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:41Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=467602"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3641","reference_id":"CVE-2025-3641","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:41Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3641"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3641","reference_id":"CVE-2025-3641","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3641"},{"reference_url":"https://github.com/advisories/GHSA-c8v6-vxhf-wcrr","reference_id":"GHSA-c8v6-vxhf-wcrr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-c8v6-vxhf-wcrr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3641","GHSA-c8v6-vxhf-wcrr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dky9-v96e-pubh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47312?format=json","vulnerability_id":"VCID-dp61-6ban-cyda","summary":"Cross-site Scripting in Moodle Chat\nThe Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says \"If you know some HTML code, you can use it in your text to do things like insert images, play sounds or create different coloured and sized text.\" This page also says \"Chat is due to be removed from standard Moodle.\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-28593","reference_id":"","reference_type":"","scores":[{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34174","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-28593"},{"reference_url":"https://docs.moodle.org/403/en/Using_Chat","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-25T16:47:10Z/"}],"url":"https://docs.moodle.org/403/en/Using_Chat"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://medium.com/%40lamscun/how-do-i-change-htmli-from-low-to-critical-your-email-box-is-safe-e7171efd88fe","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-25T16:47:10Z/"}],"url":"https://medium.com/%40lamscun/how-do-i-change-htmli-from-low-to-critical-your-email-box-is-safe-e7171efd88fe"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-28593","reference_id":"CVE-2024-28593","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-28593"},{"reference_url":"https://gist.githubusercontent.com/minendie/4f23174687bc4d8eb7f727d9959b5399/raw/9ce573cebcce5521d9d6f826ab68f3780036b874/CVE-2024-28593.txt","reference_id":"CVE-2024-28593.TXT","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-25T16:47:10Z/"}],"url":"https://gist.githubusercontent.com/minendie/4f23174687bc4d8eb7f727d9959b5399/raw/9ce573cebcce5521d9d6f826ab68f3780036b874/CVE-2024-28593.txt"},{"reference_url":"https://github.com/advisories/GHSA-f6mh-79vh-2hv7","reference_id":"GHSA-f6mh-79vh-2hv7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f6mh-79vh-2hv7"}],"fixed_packages":[],"aliases":["CVE-2024-28593","GHSA-f6mh-79vh-2hv7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dp61-6ban-cyda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55141?format=json","vulnerability_id":"VCID-evef-t6cx-vqcc","summary":"Moodle broken access control when setting calendar event type\nIncorrect validation of allowed event types in a calendar web service made it possible for some users to create events with types/audiences they did not have permission to publish to.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81247","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81247"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33996","reference_id":"","reference_type":"","scores":[{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38823","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33996"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458384#p1840909","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-01T13:14:42Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458384#p1840909"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33996","reference_id":"CVE-2024-33996","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33996"},{"reference_url":"https://github.com/advisories/GHSA-4qww-rxq6-x7gf","reference_id":"GHSA-4qww-rxq6-x7gf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4qww-rxq6-x7gf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-33996","GHSA-4qww-rxq6-x7gf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evef-t6cx-vqcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57181?format=json","vulnerability_id":"VCID-ffp4-23na-rkgr","summary":"Moodle has an authenticated remote code execution risk in the Moodle LMS EQUELLA repository\nA flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default, this was only available to teachers and managers on sites with the EQUELLA repository enabled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3642","reference_id":"","reference_type":"","scores":[{"value":"0.00667","scoring_system":"epss","scoring_elements":"0.71699","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3642"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359738","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359738"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/630fbf6230ee18d63ce69bea34173fb151b599da","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/630fbf6230ee18d63ce69bea34173fb151b599da"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467603","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:37Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=467603"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3642","reference_id":"CVE-2025-3642","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:37Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3642"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3642","reference_id":"CVE-2025-3642","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3642"},{"reference_url":"https://github.com/advisories/GHSA-m367-445c-2xqr","reference_id":"GHSA-m367-445c-2xqr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m367-445c-2xqr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3642","GHSA-m367-445c-2xqr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ffp4-23na-rkgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55142?format=json","vulnerability_id":"VCID-fz5m-54ja-sbg4","summary":"Moodle Improper Input Validation\nUnsafe direct use of $_SERVER['HTTP_REFERER'] in admin/tool/mfa/index.php. The referrer URL used by MFA required additional sanitizing, rather than being used directly.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80878","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80878"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33999","reference_id":"","reference_type":"","scores":[{"value":"0.00808","scoring_system":"epss","scoring_elements":"0.74593","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33999"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458387","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-08-13T19:55:30Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458387"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33999","reference_id":"CVE-2024-33999","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33999"},{"reference_url":"https://github.com/advisories/GHSA-r2wx-46gp-rp3h","reference_id":"GHSA-r2wx-46gp-rp3h","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r2wx-46gp-rp3h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-33999","GHSA-r2wx-46gp-rp3h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz5m-54ja-sbg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56136?format=json","vulnerability_id":"VCID-g3km-hbas-x3cg","summary":"Moodle has arbitrary file read risk through pdfTeX\nA flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43426","reference_id":"","reference_type":"","scores":[{"value":"0.00911","scoring_system":"epss","scoring_elements":"0.76223","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43426"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304254","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:41:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304254"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82745","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82745"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461194","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:41:10Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461194"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43426","reference_id":"CVE-2024-43426","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43426"},{"reference_url":"https://github.com/advisories/GHSA-vjmm-r9gg-425m","reference_id":"GHSA-vjmm-r9gg-425m","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vjmm-r9gg-425m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43426","GHSA-vjmm-r9gg-425m"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3km-hbas-x3cg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56709?format=json","vulnerability_id":"VCID-gwnb-e3gt-kqcb","summary":"Moodle allows teachers to evade trusttext config when restoring glossary entries\nAdditional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84003","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:19:04Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84003"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26532","reference_id":"","reference_type":"","scores":[{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57354","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26532"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=466149","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:19:04Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=466149"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26532","reference_id":"CVE-2025-26532","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26532"},{"reference_url":"https://github.com/advisories/GHSA-cw24-f6fq-7j9v","reference_id":"GHSA-cw24-f6fq-7j9v","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cw24-f6fq-7j9v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84179?format=json","purl":"pkg:composer/moodle/moodle@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/84178?format=json","purl":"pkg:composer/moodle/moodle@4.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/84177?format=json","purl":"pkg:composer/moodle/moodle@4.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rgq5-458d-1fhg"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wjby-arfq-buby"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2"}],"aliases":["CVE-2025-26532","GHSA-cw24-f6fq-7j9v"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gwnb-e3gt-kqcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56710?format=json","vulnerability_id":"VCID-gzdw-424p-mqfa","summary":"Moodle's non-searchable tags can still be discovered on the tag search page and in the tags block\nTags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-83941","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:57:30Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-83941"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26527","reference_id":"","reference_type":"","scores":[{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58836","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26527"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=466143","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:57:30Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=466143"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26527","reference_id":"CVE-2025-26527","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26527"},{"reference_url":"https://github.com/advisories/GHSA-5r85-6h7f-rg3r","reference_id":"GHSA-5r85-6h7f-rg3r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5r85-6h7f-rg3r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84179?format=json","purl":"pkg:composer/moodle/moodle@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/84178?format=json","purl":"pkg:composer/moodle/moodle@4.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/84177?format=json","purl":"pkg:composer/moodle/moodle@4.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rgq5-458d-1fhg"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wjby-arfq-buby"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2"}],"aliases":["CVE-2025-26527","GHSA-5r85-6h7f-rg3r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gzdw-424p-mqfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55138?format=json","vulnerability_id":"VCID-hmuw-bjax-37bz","summary":"Moodle Cross-site Scripting (XSS)\nInsufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81354","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81354"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33998","reference_id":"","reference_type":"","scores":[{"value":"0.01399","scoring_system":"epss","scoring_elements":"0.80777","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33998"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/66da9394993d97861f6c80bc4ec4ee9b513d2f33","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/66da9394993d97861f6c80bc4ec4ee9b513d2f33"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458386","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T14:26:53Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458386"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33998","reference_id":"CVE-2024-33998","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33998"},{"reference_url":"https://github.com/advisories/GHSA-xqhh-253w-4q5f","reference_id":"GHSA-xqhh-253w-4q5f","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xqhh-253w-4q5f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-33998","GHSA-xqhh-253w-4q5f"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hmuw-bjax-37bz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50289?format=json","vulnerability_id":"VCID-j3ts-5ghc-4qct","summary":"Moodle has a Remote Code Execution risk via file restore\nA flaw was identified in Moodle’s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available to privileged users, exploitation requires authenticated access. Successful exploitation could result in full compromise of the Moodle server.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26045","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29587","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26045"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440901","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T04:56:33Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440901"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/566054ba11f609a6d48d09b32e85d435d49927da","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/566054ba11f609a6d48d09b32e85d435d49927da"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=473314","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=473314"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-26045","reference_id":"CVE-2026-26045","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T04:56:33Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-26045"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26045","reference_id":"CVE-2026-26045","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26045"},{"reference_url":"https://github.com/advisories/GHSA-ggxq-2mg9-8966","reference_id":"GHSA-ggxq-2mg9-8966","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-ggxq-2mg9-8966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74185?format=json","purl":"pkg:composer/moodle/moodle@4.5.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/74184?format=json","purl":"pkg:composer/moodle/moodle@5.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/74183?format=json","purl":"pkg:composer/moodle/moodle@5.1.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.2"}],"aliases":["CVE-2026-26045","GHSA-ggxq-2mg9-8966"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j3ts-5ghc-4qct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55136?format=json","vulnerability_id":"VCID-jdpb-f21j-tqa4","summary":"Moodle ReCAPTCHA can be bypassed on the login page\nInsufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is utilized.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81463","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81463"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34009","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33531","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34009"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458398","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-01T14:31:54Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458398"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34009","reference_id":"CVE-2024-34009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34009"},{"reference_url":"https://github.com/advisories/GHSA-gwf6-q6c2-94p3","reference_id":"GHSA-gwf6-q6c2-94p3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gwf6-q6c2-94p3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-34009","GHSA-gwf6-q6c2-94p3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jdpb-f21j-tqa4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55150?format=json","vulnerability_id":"VCID-jkyc-esnt-p3ay","summary":"Moodle CSRF risk in analytics management of models\nActions in the admin management of analytics models did not include the necessary token to prevent a CSRF risk.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81059","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81059"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34008","reference_id":"","reference_type":"","scores":[{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58549","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34008"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/498a766263743ee649f6874e440a94517a077e2e","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/498a766263743ee649f6874e440a94517a077e2e"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458397","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-05T19:22:27Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458397"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34008","reference_id":"CVE-2024-34008","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34008"},{"reference_url":"https://github.com/advisories/GHSA-68x5-4jg5-gjgg","reference_id":"GHSA-68x5-4jg5-gjgg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-68x5-4jg5-gjgg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-34008","GHSA-68x5-4jg5-gjgg"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jkyc-esnt-p3ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48117?format=json","vulnerability_id":"VCID-m2a7-q28u-1yfw","summary":"Moodle vulnerable to brute-force password guesses\nMoodle's mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62399","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25243","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62399"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404432","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:51:39Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404432"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/e4d02567c922c537086de9f59f063ca073552a3a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/e4d02567c922c537086de9f59f063ca073552a3a"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=470388","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=470388"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-62399","reference_id":"CVE-2025-62399","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:51:39Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-62399"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62399","reference_id":"CVE-2025-62399","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62399"},{"reference_url":"https://github.com/advisories/GHSA-m58f-9pvv-8mp2","reference_id":"GHSA-m58f-9pvv-8mp2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m58f-9pvv-8mp2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/71069?format=json","purl":"pkg:composer/moodle/moodle@4.4.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.11"},{"url":"http://public2.vulnerablecode.io/api/packages/71068?format=json","purl":"pkg:composer/moodle/moodle@4.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/71064?format=json","purl":"pkg:composer/moodle/moodle@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.3"}],"aliases":["CVE-2025-62399","GHSA-m58f-9pvv-8mp2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m2a7-q28u-1yfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56141?format=json","vulnerability_id":"VCID-m3jj-r66a-d7cv","summary":"Moodle vulnerable to cache poisoning via injection into storage\nTo address a cache poisoning risk in Moodle, additional validation for local storage was required.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81718","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81718"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43428","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18476","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43428"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304256","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:01Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304256"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461196","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:01Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461196"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43428","reference_id":"CVE-2024-43428","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43428"},{"reference_url":"https://github.com/advisories/GHSA-2r9m-wg35-rfvc","reference_id":"GHSA-2r9m-wg35-rfvc","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2r9m-wg35-rfvc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43428","GHSA-2r9m-wg35-rfvc"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"6.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m3jj-r66a-d7cv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56150?format=json","vulnerability_id":"VCID-m9tk-fa8m-zbah","summary":"Moodle LFI vulnerability when restoring malformed block backups\nA flaw was found in moodle. A local file may include risks when restoring block backups.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43440","reference_id":"","reference_type":"","scores":[{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56485","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43440"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304269","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:23:21Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304269"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461210","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:23:21Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461210"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43440","reference_id":"CVE-2024-43440","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43440"},{"reference_url":"https://github.com/advisories/GHSA-qrqv-26gf-xgwh","reference_id":"GHSA-qrqv-26gf-xgwh","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qrqv-26gf-xgwh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43440","GHSA-qrqv-26gf-xgwh"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m9tk-fa8m-zbah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56225?format=json","vulnerability_id":"VCID-mnx8-118d-efcr","summary":"moodle: IDOR in edit/delete RSS feed\nA vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-48897","reference_id":"","reference_type":"","scores":[{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45845","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-48897"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318821","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:51:39Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318821"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-48897","reference_id":"CVE-2024-48897","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-48897"},{"reference_url":"https://github.com/advisories/GHSA-x3x9-349x-2485","reference_id":"GHSA-x3x9-349x-2485","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-x3x9-349x-2485"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83283?format=json","purl":"pkg:composer/moodle/moodle@4.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/83248?format=json","purl":"pkg:composer/moodle/moodle@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4"}],"aliases":["CVE-2024-48897","GHSA-x3x9-349x-2485"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mnx8-118d-efcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55147?format=json","vulnerability_id":"VCID-ms4e-v5zc-9kgc","summary":"Moodle Authenticated LFI risk in some misconfigured shared hosting environments\nIn a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules and direct access to the web server outside of the Moodle webroot could execute a local file include.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81135","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81135"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34002","reference_id":"","reference_type":"","scores":[{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.6377","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34002"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458390","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-12T17:56:11Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458390"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34002","reference_id":"CVE-2024-34002","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34002"},{"reference_url":"https://github.com/advisories/GHSA-mm9p-xwfm-3fqf","reference_id":"GHSA-mm9p-xwfm-3fqf","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mm9p-xwfm-3fqf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-34002","GHSA-mm9p-xwfm-3fqf"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ms4e-v5zc-9kgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56712?format=json","vulnerability_id":"VCID-nctp-rev5-puej","summary":"Moodle allows reflected XSS via question bank filter\nThe question bank filter required additional sanitizing to prevent a reflected XSS risk.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84146","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T20:05:56Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84146"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26530","reference_id":"","reference_type":"","scores":[{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76825","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26530"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=466146","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T20:05:56Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=466146"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26530","reference_id":"CVE-2025-26530","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26530"},{"reference_url":"https://github.com/advisories/GHSA-4w32-c9g7-27qx","reference_id":"GHSA-4w32-c9g7-27qx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4w32-c9g7-27qx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84179?format=json","purl":"pkg:composer/moodle/moodle@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/84178?format=json","purl":"pkg:composer/moodle/moodle@4.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/84177?format=json","purl":"pkg:composer/moodle/moodle@4.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rgq5-458d-1fhg"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wjby-arfq-buby"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2"}],"aliases":["CVE-2025-26530","GHSA-4w32-c9g7-27qx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nctp-rev5-puej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56703?format=json","vulnerability_id":"VCID-pd2f-4kxt-bkgp","summary":"Moodle's feedback response viewing and deletions did not respect Separate Groups mode\nSeparate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback\nactivities.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79976","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:58:41Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79976"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26526","reference_id":"","reference_type":"","scores":[{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59868","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26526"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=466142","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:58:41Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=466142"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26526","reference_id":"CVE-2025-26526","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26526"},{"reference_url":"https://github.com/advisories/GHSA-pxg4-xjp7-w9c5","reference_id":"GHSA-pxg4-xjp7-w9c5","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-pxg4-xjp7-w9c5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84179?format=json","purl":"pkg:composer/moodle/moodle@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/84178?format=json","purl":"pkg:composer/moodle/moodle@4.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/84177?format=json","purl":"pkg:composer/moodle/moodle@4.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rgq5-458d-1fhg"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wjby-arfq-buby"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2"}],"aliases":["CVE-2025-26526","GHSA-pxg4-xjp7-w9c5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pd2f-4kxt-bkgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55388?format=json","vulnerability_id":"VCID-pged-191y-quhm","summary":"Moodle stored XSS via calendar's event title when deleting the event\nInsufficient escaping of calendar event titles resulted in a stored XSS risk in the event deletion prompt.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38274","reference_id":"","reference_type":"","scores":[{"value":"0.00994","scoring_system":"epss","scoring_elements":"0.77309","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38274"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=459499","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-15T18:37:02Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=459499"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38274","reference_id":"CVE-2024-38274","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38274"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/","reference_id":"F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-15T18:37:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/"},{"reference_url":"https://github.com/advisories/GHSA-p5cg-6rfr-6mx8","reference_id":"GHSA-p5cg-6rfr-6mx8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p5cg-6rfr-6mx8"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/","reference_id":"GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-15T18:37:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81883?format=json","purl":"pkg:composer/moodle/moodle@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/81882?format=json","purl":"pkg:composer/moodle/moodle@4.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-edb5-zwa3-mfam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1"}],"aliases":["CVE-2024-38274","GHSA-p5cg-6rfr-6mx8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pged-191y-quhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56143?format=json","vulnerability_id":"VCID-qruy-fs4p-43h1","summary":"Moodle has CSRF risk in Feedback non-respondents report\nThe bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43434","reference_id":"","reference_type":"","scores":[{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.6729","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43434"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304262","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"8.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:44Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304262"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"8.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461203","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"8.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:44Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461203"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43434","reference_id":"CVE-2024-43434","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"8.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43434"},{"reference_url":"https://github.com/advisories/GHSA-x87r-37q5-mmr8","reference_id":"GHSA-x87r-37q5-mmr8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-x87r-37q5-mmr8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43434","GHSA-x87r-37q5-mmr8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qruy-fs4p-43h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56147?format=json","vulnerability_id":"VCID-r4m3-9prr-dkby","summary":"Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users\nA flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43438","reference_id":"","reference_type":"","scores":[{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.5246","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43438"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304267","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:31Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304267"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461208","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:31Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461208"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43438","reference_id":"CVE-2024-43438","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43438"},{"reference_url":"https://github.com/advisories/GHSA-p9cx-f595-h79h","reference_id":"GHSA-p9cx-f595-h79h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-p9cx-f595-h79h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43438","GHSA-p9cx-f595-h79h"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4m3-9prr-dkby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56149?format=json","vulnerability_id":"VCID-r5w9-cbyk-hqc6","summary":"Moodle's IDOR in badges allows deletion of arbitrary badges\nA vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43431","reference_id":"","reference_type":"","scores":[{"value":"0.00308","scoring_system":"epss","scoring_elements":"0.54353","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43431"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304259","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:53Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304259"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461199","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:53Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461199"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43431","reference_id":"CVE-2024-43431","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43431"},{"reference_url":"https://github.com/advisories/GHSA-wwjf-gwrv-wh45","reference_id":"GHSA-wwjf-gwrv-wh45","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wwjf-gwrv-wh45"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43431","GHSA-wwjf-gwrv-wh45"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5w9-cbyk-hqc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57197?format=json","vulnerability_id":"VCID-rcr9-z41f-sqbr","summary":"Moodle's mod_data edit/delete pages pass CSRF token in GET parameter\nA security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site's URL. This vulnerability occurred specifically on two types of pages within the mod_data module: edit and delete pages.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-65356","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:02Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-65356"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3637","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31915","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3637"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359727","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:02Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359727"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/052007b7324ef24aebe36a876ffa4fa97fac4f81","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/052007b7324ef24aebe36a876ffa4fa97fac4f81"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467599","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=467599"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3637","reference_id":"CVE-2025-3637","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:02Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3637"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3637","reference_id":"CVE-2025-3637","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3637"},{"reference_url":"https://github.com/advisories/GHSA-9vc3-vm42-fjhm","reference_id":"GHSA-9vc3-vm42-fjhm","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9vc3-vm42-fjhm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3637","GHSA-9vc3-vm42-fjhm"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rcr9-z41f-sqbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55386?format=json","vulnerability_id":"VCID-rm2q-xde7-a3ej","summary":"Moodle uses the same key for QR login and auto-login\nA unique key should be generated for a user's QR login key and their auto-login key, so the same key cannot be used interchangeably between the two.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38277","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40237","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38277"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/0caedaab7cd5a46331d56654ce9301b0a5a04c56","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/0caedaab7cd5a46331d56654ce9301b0a5a04c56"},{"reference_url":"https://github.com/moodle/moodle/commit/1aea4a15281d81f2414a95aa485b8a6551708f57","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/1aea4a15281d81f2414a95aa485b8a6551708f57"},{"reference_url":"https://github.com/moodle/moodle/commit/ad46a97f5355f0451d52e9f1a0f528d9a6f12e06","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/ad46a97f5355f0451d52e9f1a0f528d9a6f12e06"},{"reference_url":"https://github.com/moodle/moodle/commit/d05795db8eece2943241a29a5443fb4685ba6070","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/d05795db8eece2943241a29a5443fb4685ba6070"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=459502","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T15:55:16Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=459502"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38277","reference_id":"CVE-2024-38277","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38277"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/","reference_id":"F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T15:55:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/"},{"reference_url":"https://github.com/advisories/GHSA-r82w-3phg-qvr4","reference_id":"GHSA-r82w-3phg-qvr4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r82w-3phg-qvr4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/","reference_id":"GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T15:55:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81883?format=json","purl":"pkg:composer/moodle/moodle@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/81882?format=json","purl":"pkg:composer/moodle/moodle@4.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-edb5-zwa3-mfam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1"}],"aliases":["CVE-2024-38277","GHSA-r82w-3phg-qvr4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rm2q-xde7-a3ej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56142?format=json","vulnerability_id":"VCID-sdxf-f1b3-t3cc","summary":"Moodle vulnerable to site administration SQL injection via XMLDB editor\nA SQL injection risk flaw was found in the XMLDB editor tool available to site administrators.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43436","reference_id":"","reference_type":"","scores":[{"value":"0.00496","scoring_system":"epss","scoring_elements":"0.6619","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43436"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304264","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304264"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461206","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:37Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461206"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43436","reference_id":"CVE-2024-43436","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43436"},{"reference_url":"https://github.com/advisories/GHSA-mx26-62xm-2p83","reference_id":"GHSA-mx26-62xm-2p83","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mx26-62xm-2p83"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43436","GHSA-mx26-62xm-2p83"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sdxf-f1b3-t3cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56706?format=json","vulnerability_id":"VCID-sgdq-5ha7-nfh2","summary":"Moodle has a stored XSS in ddimageortext question type\nThe drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82896","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T20:03:52Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82896"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26528","reference_id":"","reference_type":"","scores":[{"value":"0.00706","scoring_system":"epss","scoring_elements":"0.72569","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26528"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=466144","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T20:03:52Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=466144"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26528","reference_id":"CVE-2025-26528","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26528"},{"reference_url":"https://github.com/advisories/GHSA-h697-w4ph-7pcx","reference_id":"GHSA-h697-w4ph-7pcx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-h697-w4ph-7pcx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84179?format=json","purl":"pkg:composer/moodle/moodle@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/84178?format=json","purl":"pkg:composer/moodle/moodle@4.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/84177?format=json","purl":"pkg:composer/moodle/moodle@4.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rgq5-458d-1fhg"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wjby-arfq-buby"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2"}],"aliases":["CVE-2025-26528","GHSA-h697-w4ph-7pcx"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sgdq-5ha7-nfh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56223?format=json","vulnerability_id":"VCID-t8vm-tfnq-5kak","summary":"moodle: IDOR when fetching report schedules\nA vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-48901","reference_id":"","reference_type":"","scores":[{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45845","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-48901"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318817","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-18T14:55:25Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318817"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-48901","reference_id":"CVE-2024-48901","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-48901"},{"reference_url":"https://github.com/advisories/GHSA-mg54-p2wj-5ph7","reference_id":"GHSA-mg54-p2wj-5ph7","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mg54-p2wj-5ph7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83283?format=json","purl":"pkg:composer/moodle/moodle@4.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/83248?format=json","purl":"pkg:composer/moodle/moodle@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4"}],"aliases":["CVE-2024-48901","GHSA-mg54-p2wj-5ph7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t8vm-tfnq-5kak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55387?format=json","vulnerability_id":"VCID-tgs8-3n7x-cyc1","summary":"Moodle HTTP authorization header is preserved between \"emulated redirects\"\nThe cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38275","reference_id":"","reference_type":"","scores":[{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68222","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38275"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/0df3c5837a592e6663c4d531ff6a1f776bc2f785","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/0df3c5837a592e6663c4d531ff6a1f776bc2f785"},{"reference_url":"https://github.com/moodle/moodle/commit/3e38c84315a7991ce5ef5f241f5e873b5ca24f01","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/3e38c84315a7991ce5ef5f241f5e873b5ca24f01"},{"reference_url":"https://github.com/moodle/moodle/commit/836b2c23a210317d130017d77bb64e3b510869a9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/836b2c23a210317d130017d77bb64e3b510869a9"},{"reference_url":"https://github.com/moodle/moodle/commit/f7988538b2208c55f2c40ce4f0815901dc88049b","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/f7988538b2208c55f2c40ce4f0815901dc88049b"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=459500","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-02T13:36:09Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=459500"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38275","reference_id":"CVE-2024-38275","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38275"},{"reference_url":"https://github.com/advisories/GHSA-p2cj-86v4-7782","reference_id":"GHSA-p2cj-86v4-7782","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p2cj-86v4-7782"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81883?format=json","purl":"pkg:composer/moodle/moodle@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/81882?format=json","purl":"pkg:composer/moodle/moodle@4.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-edb5-zwa3-mfam"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1"}],"aliases":["CVE-2024-38275","GHSA-p2cj-86v4-7782"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tgs8-3n7x-cyc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57185?format=json","vulnerability_id":"VCID-ueyy-v42v-7ydh","summary":"Moodle has reflected Cross-site Scripting risk in policy tool\nA flaw was found in Moodle. The return URL in the policy tool required additional sanitizing to prevent a reflected Cross-site scripting (XSS) risk.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3643","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32105","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3643"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359742","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:55Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359742"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/ff9bbd6d9e7d6267ce85e6c9afbeb19581f2a85f","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/ff9bbd6d9e7d6267ce85e6c9afbeb19581f2a85f"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467604","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:55Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=467604"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3643","reference_id":"CVE-2025-3643","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:55Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3643"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3643","reference_id":"CVE-2025-3643","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3643"},{"reference_url":"https://github.com/advisories/GHSA-hxgg-4qww-85ph","reference_id":"GHSA-hxgg-4qww-85ph","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hxgg-4qww-85ph"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3643","GHSA-hxgg-4qww-85ph"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ueyy-v42v-7ydh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55139?format=json","vulnerability_id":"VCID-umd1-pmr4-4bgs","summary":"Moodle CSRF risk in admin preset tool management of presets\nActions in the admin preset tool did not include the necessary token to prevent a CSRF risk.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34001","reference_id":"","reference_type":"","scores":[{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55654","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34001"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/03e93da556201291e4a345d353a06d08d5d04dd6","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/03e93da556201291e4a345d353a06d08d5d04dd6"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458389","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-01T13:12:28Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458389"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34001","reference_id":"CVE-2024-34001","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34001"},{"reference_url":"https://github.com/advisories/GHSA-gq9f-8rj4-w7jc","reference_id":"GHSA-gq9f-8rj4-w7jc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gq9f-8rj4-w7jc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-34001","GHSA-gq9f-8rj4-w7jc"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-umd1-pmr4-4bgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56239?format=json","vulnerability_id":"VCID-vsrk-zp7j-w7bk","summary":"Moodle IDOR when deleting OAuth2 linked accounts\nA flaw was found in Moodle. Additional checks were required to ensure users can only delete their OAuth2-linked accounts.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45690","reference_id":"","reference_type":"","scores":[{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60627","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45690"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309939","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:15:47Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309939"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/809629e5afcd5be087e65668fe6cf67f2f4f5145","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/809629e5afcd5be087e65668fe6cf67f2f4f5145"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461895#p1854492","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=461895#p1854492"},{"reference_url":"https://moodle.org/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/security"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45690","reference_id":"CVE-2024-45690","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45690"},{"reference_url":"https://github.com/advisories/GHSA-fhg2-r2h9-h7q8","reference_id":"GHSA-fhg2-r2h9-h7q8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fhg2-r2h9-h7q8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83315?format=json","purl":"pkg:composer/moodle/moodle@4.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/83316?format=json","purl":"pkg:composer/moodle/moodle@4.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.3"}],"aliases":["CVE-2024-45690","GHSA-fhg2-r2h9-h7q8"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vsrk-zp7j-w7bk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57190?format=json","vulnerability_id":"VCID-vve8-f9s9-v7ft","summary":"Moodle's AJAX section delete does not respect course_can_delete_section()\nA flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3644","reference_id":"","reference_type":"","scores":[{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38826","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3644"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359745","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:51Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359745"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/search?q=repo%3Amoodle%2Fmoodle+MDL-83994&type=commits","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/search?q=repo%3Amoodle%2Fmoodle+MDL-83994&type=commits"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467605","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:51Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=467605"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3644","reference_id":"CVE-2025-3644","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:51Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3644"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3644","reference_id":"CVE-2025-3644","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3644"},{"reference_url":"https://github.com/advisories/GHSA-cpm7-mv33-jwf8","reference_id":"GHSA-cpm7-mv33-jwf8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cpm7-mv33-jwf8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3644","GHSA-cpm7-mv33-jwf8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vve8-f9s9-v7ft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56156?format=json","vulnerability_id":"VCID-wwny-t2ez-y3e1","summary":"Moodle has insufficient capability checks\nA flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64984","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64984"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43435","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67562","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43435"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304263","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:57:03Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304263"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=461205","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:57:03Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=461205"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43435","reference_id":"CVE-2024-43435","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43435"},{"reference_url":"https://github.com/advisories/GHSA-4gq2-x5w4-7hp8","reference_id":"GHSA-4gq2-x5w4-7hp8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4gq2-x5w4-7hp8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83186?format=json","purl":"pkg:composer/moodle/moodle@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/83187?format=json","purl":"pkg:composer/moodle/moodle@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jjsw-9p4b-m3e5"},{"vulnerability":"VCID-kwhy-pkt9-1kfe"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2"}],"aliases":["CVE-2024-43435","GHSA-4gq2-x5w4-7hp8"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wwny-t2ez-y3e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57193?format=json","vulnerability_id":"VCID-wwx4-ns21-k3hd","summary":"Moodle has an IDOR in web service which allows users enrolled in a course to access some details of other users\nA flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission to access.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3640","reference_id":"","reference_type":"","scores":[{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37064","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3640"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359734","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:58Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359734"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/64a4311266cbe9a9a942c836931bef224018b77d","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/64a4311266cbe9a9a942c836931bef224018b77d"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467601","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:58Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=467601"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3640","reference_id":"CVE-2025-3640","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:58Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3640"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3640","reference_id":"CVE-2025-3640","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3640"},{"reference_url":"https://github.com/advisories/GHSA-6g5x-h5x7-q4mq","reference_id":"GHSA-6g5x-h5x7-q4mq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6g5x-h5x7-q4mq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3640","GHSA-6g5x-h5x7-q4mq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wwx4-ns21-k3hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57194?format=json","vulnerability_id":"VCID-wytb-bryq-yqb4","summary":"Moodle has a CSRF risk in Brickfield tool's analysis request action\nA flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery (CSRF) risk.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3638","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.4656","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3638"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359732","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:51:01Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359732"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/91e6ad43ed2522f9c1c4094e565b5a7e5b348728","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/91e6ad43ed2522f9c1c4094e565b5a7e5b348728"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467600","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:51:01Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=467600"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3638","reference_id":"CVE-2025-3638","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:51:01Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3638"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3638","reference_id":"CVE-2025-3638","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3638"},{"reference_url":"https://github.com/advisories/GHSA-m8qh-hx4c-h9hr","reference_id":"GHSA-m8qh-hx4c-h9hr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m8qh-hx4c-h9hr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3638","GHSA-m8qh-hx4c-h9hr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wytb-bryq-yqb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57184?format=json","vulnerability_id":"VCID-xqha-pgc4-3udb","summary":"Moodle self enrollment available before completing second factor with MFA enabled\nA security vulnerability was discovered in Moodle that allows students to enroll themselves in courses without completing all the necessary safety checks. Specifically, users can sign up for courses prematurely, even if they haven't finished two-step verification processes.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3634","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35193","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3634"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359707","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T14:23:56Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359707"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/b0965139014b459c3cb96e4fff45af4d5e09e261","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/b0965139014b459c3cb96e4fff45af4d5e09e261"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467596","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=467596"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3634","reference_id":"CVE-2025-3634","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T14:23:56Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3634"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3634","reference_id":"CVE-2025-3634","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3634"},{"reference_url":"https://github.com/advisories/GHSA-qhc7-xhc2-7p7w","reference_id":"GHSA-qhc7-xhc2-7p7w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qhc7-xhc2-7p7w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3634","GHSA-qhc7-xhc2-7p7w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xqha-pgc4-3udb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55144?format=json","vulnerability_id":"VCID-y4g2-328f-qbge","summary":"Moodle Authenticated LFI risk in some misconfigured shared hosting environments\nIn a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore workshop modules and direct access to the web server outside of the Moodle webroot could execute a local file include.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80712","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80712"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34003","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39039","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34003"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458391","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-01T13:16:51Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458391"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34003","reference_id":"CVE-2024-34003","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34003"},{"reference_url":"https://github.com/advisories/GHSA-jg4f-8w9x-jv35","reference_id":"GHSA-jg4f-8w9x-jv35","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jg4f-8w9x-jv35"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-34003","GHSA-jg4f-8w9x-jv35"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4g2-328f-qbge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49824?format=json","vulnerability_id":"VCID-ykj6-ptd4-7qfs","summary":"Moodle affected by a code injection vulnerability\nA flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67847","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08982","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67847"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=471297#p1892199","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=471297#p1892199"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-67847","reference_id":"CVE-2025-67847","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-24T04:55:19Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-67847"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-67847","reference_id":"CVE-2025-67847","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-67847"},{"reference_url":"https://github.com/advisories/GHSA-xvmh-25jw-gmmm","reference_id":"GHSA-xvmh-25jw-gmmm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xvmh-25jw-gmmm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73590?format=json","purl":"pkg:composer/moodle/moodle@4.4.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-j3ts-5ghc-4qct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12"},{"url":"http://public2.vulnerablecode.io/api/packages/73589?format=json","purl":"pkg:composer/moodle/moodle@4.5.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-j3ts-5ghc-4qct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8"},{"url":"http://public2.vulnerablecode.io/api/packages/73588?format=json","purl":"pkg:composer/moodle/moodle@5.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-j3ts-5ghc-4qct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/73587?format=json","purl":"pkg:composer/moodle/moodle@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-j3ts-5ghc-4qct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1"}],"aliases":["CVE-2025-67847","GHSA-xvmh-25jw-gmmm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ykj6-ptd4-7qfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55145?format=json","vulnerability_id":"VCID-ytd5-2swj-wkh1","summary":"Moodle Authenticated LFI risk in some misconfigured shared hosting environments\nIn a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore wiki modules and direct access to the web server outside of the Moodle webroot could execute a local file include.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34004","reference_id":"","reference_type":"","scores":[{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54226","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34004"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=458393","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T14:26:27Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=458393"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34004","reference_id":"CVE-2024-34004","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34004"},{"reference_url":"https://github.com/advisories/GHSA-q3cm-ccrm-2mr6","reference_id":"GHSA-q3cm-ccrm-2mr6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q3cm-ccrm-2mr6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81691?format=json","purl":"pkg:composer/moodle/moodle@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4"}],"aliases":["CVE-2024-34004","GHSA-q3cm-ccrm-2mr6"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ytd5-2swj-wkh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56226?format=json","vulnerability_id":"VCID-z5u9-5522-h7fx","summary":"moodle: Some users can delete audiences of other reports\nA vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-48898","reference_id":"","reference_type":"","scores":[{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45845","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-48898"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318820","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-18T14:56:14Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318820"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-48898","reference_id":"CVE-2024-48898","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-48898"},{"reference_url":"https://github.com/advisories/GHSA-fjq9-452g-jg3q","reference_id":"GHSA-fjq9-452g-jg3q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fjq9-452g-jg3q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83283?format=json","purl":"pkg:composer/moodle/moodle@4.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/83248?format=json","purl":"pkg:composer/moodle/moodle@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4"}],"aliases":["CVE-2024-48898","GHSA-fjq9-452g-jg3q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z5u9-5522-h7fx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57187?format=json","vulnerability_id":"VCID-z693-m8fg-63cc","summary":"Moodle makes some user data available before completing second factor with MFA enabled\nA security vulnerability was discovered in Moodle that allows some users to access sensitive information about other students before they finish verifying their identities using two-factor authentication (2FA).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3627","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26922","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3627"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359692","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359692"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/search?q=repo%3Amoodle%2Fmoodle+MDL-84351&type=commits","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/search?q=repo%3Amoodle%2Fmoodle+MDL-84351&type=commits"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467594","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=467594"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3627","reference_id":"CVE-2025-3627","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:17Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3627"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3627","reference_id":"CVE-2025-3627","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3627"},{"reference_url":"https://github.com/advisories/GHSA-x45j-jq9q-gf3q","reference_id":"GHSA-x45j-jq9q-gf3q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-x45j-jq9q-gf3q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3627","GHSA-x45j-jq9q-gf3q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z693-m8fg-63cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56708?format=json","vulnerability_id":"VCID-zjqu-hbpf-9qe1","summary":"Moodle has a stored XSS risk in admin live log\nDescription information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84145","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T20:05:38Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84145"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26529","reference_id":"","reference_type":"","scores":[{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.7687","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26529"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=466145","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T20:05:38Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=466145"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26529","reference_id":"CVE-2025-26529","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26529"},{"reference_url":"https://github.com/advisories/GHSA-wr88-x8cm-7cgq","reference_id":"GHSA-wr88-x8cm-7cgq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wr88-x8cm-7cgq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84179?format=json","purl":"pkg:composer/moodle/moodle@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/84178?format=json","purl":"pkg:composer/moodle/moodle@4.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/84177?format=json","purl":"pkg:composer/moodle/moodle@4.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-rgq5-458d-1fhg"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wjby-arfq-buby"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2"}],"aliases":["CVE-2025-26529","GHSA-wr88-x8cm-7cgq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zjqu-hbpf-9qe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57191?format=json","vulnerability_id":"VCID-zrjj-atms-8uf9","summary":"Moodle allows IDOR in RSS block, which allows access to additional RSS feeds\nA flaw was found in Moodle. This vulnerability allows unauthorized users to access and view RSS feeds due to insufficient capability checks.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84499","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:06Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84499"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3636","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.2771","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3636"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359726","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:06Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359726"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/0bd97209ac5e217dbec236c73e4f6fdcaee1c737","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/0bd97209ac5e217dbec236c73e4f6fdcaee1c737"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=467598","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=467598"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3636","reference_id":"CVE-2025-3636","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:06Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3636"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3636","reference_id":"CVE-2025-3636","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-3636"},{"reference_url":"https://github.com/advisories/GHSA-chmf-m33p-ph8m","reference_id":"GHSA-chmf-m33p-ph8m","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-chmf-m33p-ph8m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84925?format=json","purl":"pkg:composer/moodle/moodle@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/84926?format=json","purl":"pkg:composer/moodle/moodle@4.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/84927?format=json","purl":"pkg:composer/moodle/moodle@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-3m96-nmxm-tfgz"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-dr5e-6s1a-6uas"},{"vulnerability":"VCID-ey6g-spfk-7bcw"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4"}],"aliases":["CVE-2025-3636","GHSA-chmf-m33p-ph8m"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zrjj-atms-8uf9"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47035?format=json","vulnerability_id":"VCID-6726-ca8y-4uez","summary":"Improper Access Control in moodle\nSeparate Groups mode restrictions were not honored when performing a forum export, which would export forum data for all groups. By default this only provided additional access to non-editing teachers.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80504","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:36Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80504"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25981","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50828","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25981"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264097","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:36Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264097"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/1c059cb3fe39da46959e912dc671844dd204e83b","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/1c059cb3fe39da46959e912dc671844dd204e83b"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=455637","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:36Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=455637"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25981","reference_id":"CVE-2024-25981","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25981"},{"reference_url":"https://github.com/advisories/GHSA-jfrg-9hpq-9hvp","reference_id":"GHSA-jfrg-9hpq-9hvp","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jfrg-9hpq-9hvp"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/","reference_id":"KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68995?format=json","purl":"pkg:composer/moodle/moodle@4.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-team-9wba-yufc"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/68994?format=json","purl":"pkg:composer/moodle/moodle@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/68993?format=json","purl":"pkg:composer/moodle/moodle@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-84hx-be7m-pfa1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-fz5m-54ja-sbg4"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jdpb-f21j-tqa4"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3"}],"aliases":["CVE-2024-25981","GHSA-jfrg-9hpq-9hvp"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6726-ca8y-4uez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47034?format=json","vulnerability_id":"VCID-gycn-bey2-4yam","summary":"Improper Access Control in moodle\nSeparate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups. By default this only provided additional access to non-editing teachers.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80501","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:42:10Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80501"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25980","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3759","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25980"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264096","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:42:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264096"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/662192fcecdefdaae79f55db96bd64dbcdeef85b","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/662192fcecdefdaae79f55db96bd64dbcdeef85b"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=455636","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:42:10Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=455636"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25980","reference_id":"CVE-2024-25980","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25980"},{"reference_url":"https://github.com/advisories/GHSA-cp8m-h777-g4p3","reference_id":"GHSA-cp8m-h777-g4p3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cp8m-h777-g4p3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/","reference_id":"KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:42:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68995?format=json","purl":"pkg:composer/moodle/moodle@4.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-team-9wba-yufc"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/68994?format=json","purl":"pkg:composer/moodle/moodle@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/68993?format=json","purl":"pkg:composer/moodle/moodle@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-84hx-be7m-pfa1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-fz5m-54ja-sbg4"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jdpb-f21j-tqa4"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3"}],"aliases":["CVE-2024-25980","GHSA-cp8m-h777-g4p3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gycn-bey2-4yam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47041?format=json","vulnerability_id":"VCID-mhh7-n7ut-hkh6","summary":"Improper Handling of Parameters in moodle\nThe URL parameters accepted by forum search were not limited to the allowed parameters.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69774","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T17:42:19Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69774"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25979","reference_id":"","reference_type":"","scores":[{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37048","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25979"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264095","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T17:42:19Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264095"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/6eaeeda6cf759672def05a85afe9e4d521739166","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/6eaeeda6cf759672def05a85afe9e4d521739166"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=455635","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T17:42:19Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=455635"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25979","reference_id":"CVE-2024-25979","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25979"},{"reference_url":"https://github.com/advisories/GHSA-6vjf-48fh-vxxj","reference_id":"GHSA-6vjf-48fh-vxxj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6vjf-48fh-vxxj"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/","reference_id":"KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T17:42:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68995?format=json","purl":"pkg:composer/moodle/moodle@4.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-team-9wba-yufc"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/68994?format=json","purl":"pkg:composer/moodle/moodle@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/68993?format=json","purl":"pkg:composer/moodle/moodle@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-84hx-be7m-pfa1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-fz5m-54ja-sbg4"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jdpb-f21j-tqa4"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3"}],"aliases":["CVE-2024-25979","GHSA-6vjf-48fh-vxxj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhh7-n7ut-hkh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47040?format=json","vulnerability_id":"VCID-qabh-bpmn-1ye5","summary":"Cross-Site Request Forgery in moodle\nThe link to update all installed language packs did not include the necessary token to prevent a CSRF risk.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-54749","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:39:38Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-54749"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25982","reference_id":"","reference_type":"","scores":[{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59795","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25982"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264098","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:39:38Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264098"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/bac703c534d05d4502580fbe32447d5c777869bf","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/bac703c534d05d4502580fbe32447d5c777869bf"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=455638","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:39:38Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=455638"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25982","reference_id":"CVE-2024-25982","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25982"},{"reference_url":"https://github.com/advisories/GHSA-7pjp-fm93-p6pj","reference_id":"GHSA-7pjp-fm93-p6pj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7pjp-fm93-p6pj"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/","reference_id":"KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:39:38Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68995?format=json","purl":"pkg:composer/moodle/moodle@4.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-team-9wba-yufc"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/68994?format=json","purl":"pkg:composer/moodle/moodle@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/68993?format=json","purl":"pkg:composer/moodle/moodle@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-84hx-be7m-pfa1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-fz5m-54ja-sbg4"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jdpb-f21j-tqa4"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3"}],"aliases":["CVE-2024-25982","GHSA-7pjp-fm93-p6pj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qabh-bpmn-1ye5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47033?format=json","vulnerability_id":"VCID-r1ug-e8x6-83gt","summary":"Uncontrolled Resource Consumption\nInsufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74641","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:09:44Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74641"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25978","reference_id":"","reference_type":"","scores":[{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52921","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25978"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264074","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:09:44Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264074"},{"reference_url":"https://github.com/moodle/moodle/commit/9ba14233597480fb78c04d531050c090de4e60a2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/9ba14233597480fb78c04d531050c090de4e60a2"},{"reference_url":"https://github.com/moodle/moodle/commit/a73e0ac76d77b67602f91bb211962813d60bc573","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/a73e0ac76d77b67602f91bb211962813d60bc573"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=455634","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:09:44Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=455634"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25978","reference_id":"CVE-2024-25978","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25978"},{"reference_url":"https://github.com/advisories/GHSA-487g-3m3v-hjhq","reference_id":"GHSA-487g-3m3v-hjhq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-487g-3m3v-hjhq"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/","reference_id":"KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:09:44Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68995?format=json","purl":"pkg:composer/moodle/moodle@4.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-team-9wba-yufc"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/68994?format=json","purl":"pkg:composer/moodle/moodle@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/68993?format=json","purl":"pkg:composer/moodle/moodle@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-84hx-be7m-pfa1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-fz5m-54ja-sbg4"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jdpb-f21j-tqa4"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3"}],"aliases":["CVE-2024-25978","GHSA-487g-3m3v-hjhq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r1ug-e8x6-83gt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47032?format=json","vulnerability_id":"VCID-yc6t-am1p-x3ev","summary":"Authorization Bypass in moodle\nInsufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78300","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:32:00Z/"}],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78300"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25983","reference_id":"","reference_type":"","scores":[{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47572","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264099","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:32:00Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264099"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/4cae44dd0e9a7da47d08d9b75e0ebba0e4b422f4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/4cae44dd0e9a7da47d08d9b75e0ebba0e4b422f4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=455641","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:32:00Z/"}],"url":"https://moodle.org/mod/forum/discuss.php?d=455641"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25983","reference_id":"CVE-2024-25983","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25983"},{"reference_url":"https://github.com/advisories/GHSA-9r26-5w88-qhp9","reference_id":"GHSA-9r26-5w88-qhp9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9r26-5w88-qhp9"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/","reference_id":"KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:32:00Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68995?format=json","purl":"pkg:composer/moodle/moodle@4.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-44zf-1dw7-qkf5"},{"vulnerability":"VCID-4zvp-nmrk-4qbq"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-5snb-dyv3-efe9"},{"vulnerability":"VCID-5xhb-mx3v-fuhs"},{"vulnerability":"VCID-61ry-zz34-8qhj"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-f1da-1duc-2uhb"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-hufb-p6pa-63c9"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-team-9wba-yufc"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wby4-h9ud-1yh5"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-yby1-g45r-rugg"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/68994?format=json","purl":"pkg:composer/moodle/moodle@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/68993?format=json","purl":"pkg:composer/moodle/moodle@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17k8-g4xw-b7g9"},{"vulnerability":"VCID-1efm-18zh-w7gm"},{"vulnerability":"VCID-1wup-hjxg-f7g4"},{"vulnerability":"VCID-21mq-pewz-ekdt"},{"vulnerability":"VCID-29mv-feyq-guew"},{"vulnerability":"VCID-2urf-d2qr-abdy"},{"vulnerability":"VCID-2wsu-7rzh-h7cs"},{"vulnerability":"VCID-3nu2-1cwj-sfdd"},{"vulnerability":"VCID-3nvq-s7y5-fufr"},{"vulnerability":"VCID-3yre-ft3n-2fd3"},{"vulnerability":"VCID-5ba5-pee7-6kh1"},{"vulnerability":"VCID-5s33-v19s-sqd6"},{"vulnerability":"VCID-657g-68tv-dkam"},{"vulnerability":"VCID-6cvg-r9am-wbh5"},{"vulnerability":"VCID-6p1s-2r14-z7ax"},{"vulnerability":"VCID-7p54-yn8k-aydw"},{"vulnerability":"VCID-7trf-g8dq-tua1"},{"vulnerability":"VCID-84hx-be7m-pfa1"},{"vulnerability":"VCID-893t-9cja-43g2"},{"vulnerability":"VCID-8uah-srba-6ubb"},{"vulnerability":"VCID-9rqr-xzr8-5fgf"},{"vulnerability":"VCID-9xk9-qb9x-jfcs"},{"vulnerability":"VCID-a1ek-x154-5ydy"},{"vulnerability":"VCID-ajrr-8392-kkcw"},{"vulnerability":"VCID-b3vw-8hzh-dybx"},{"vulnerability":"VCID-cjvx-m4xg-p7hb"},{"vulnerability":"VCID-d92c-j4yy-fud3"},{"vulnerability":"VCID-dky9-v96e-pubh"},{"vulnerability":"VCID-dp61-6ban-cyda"},{"vulnerability":"VCID-evef-t6cx-vqcc"},{"vulnerability":"VCID-ffp4-23na-rkgr"},{"vulnerability":"VCID-fz5m-54ja-sbg4"},{"vulnerability":"VCID-g3km-hbas-x3cg"},{"vulnerability":"VCID-gwnb-e3gt-kqcb"},{"vulnerability":"VCID-gzdw-424p-mqfa"},{"vulnerability":"VCID-hmuw-bjax-37bz"},{"vulnerability":"VCID-j3ts-5ghc-4qct"},{"vulnerability":"VCID-jdpb-f21j-tqa4"},{"vulnerability":"VCID-jkyc-esnt-p3ay"},{"vulnerability":"VCID-m2a7-q28u-1yfw"},{"vulnerability":"VCID-m3jj-r66a-d7cv"},{"vulnerability":"VCID-m9tk-fa8m-zbah"},{"vulnerability":"VCID-mnx8-118d-efcr"},{"vulnerability":"VCID-ms4e-v5zc-9kgc"},{"vulnerability":"VCID-nctp-rev5-puej"},{"vulnerability":"VCID-pd2f-4kxt-bkgp"},{"vulnerability":"VCID-pged-191y-quhm"},{"vulnerability":"VCID-qruy-fs4p-43h1"},{"vulnerability":"VCID-r4m3-9prr-dkby"},{"vulnerability":"VCID-r5w9-cbyk-hqc6"},{"vulnerability":"VCID-rcr9-z41f-sqbr"},{"vulnerability":"VCID-rm2q-xde7-a3ej"},{"vulnerability":"VCID-sdxf-f1b3-t3cc"},{"vulnerability":"VCID-sgdq-5ha7-nfh2"},{"vulnerability":"VCID-t8vm-tfnq-5kak"},{"vulnerability":"VCID-tgs8-3n7x-cyc1"},{"vulnerability":"VCID-ueyy-v42v-7ydh"},{"vulnerability":"VCID-umd1-pmr4-4bgs"},{"vulnerability":"VCID-vsrk-zp7j-w7bk"},{"vulnerability":"VCID-vve8-f9s9-v7ft"},{"vulnerability":"VCID-wwny-t2ez-y3e1"},{"vulnerability":"VCID-wwx4-ns21-k3hd"},{"vulnerability":"VCID-wytb-bryq-yqb4"},{"vulnerability":"VCID-xqha-pgc4-3udb"},{"vulnerability":"VCID-y4g2-328f-qbge"},{"vulnerability":"VCID-ykj6-ptd4-7qfs"},{"vulnerability":"VCID-ytd5-2swj-wkh1"},{"vulnerability":"VCID-z5u9-5522-h7fx"},{"vulnerability":"VCID-z693-m8fg-63cc"},{"vulnerability":"VCID-zjqu-hbpf-9qe1"},{"vulnerability":"VCID-zrjj-atms-8uf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3"}],"aliases":["CVE-2024-25983","GHSA-9r26-5w88-qhp9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yc6t-am1p-x3ev"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3"}