VulnerableCode Package Details - pkg:composer/moodle/moodle@4.2.11

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1a6w-k5qe-6yem	moodle: Some users can delete audiences of other reports A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.	CVE-2024-48898 GHSA-fjq9-452g-jg3q
VCID-1n62-5dj6-b3fv	moodle: IDOR in edit/delete RSS feed A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify.	CVE-2024-48897 GHSA-x3x9-349x-2485
VCID-v32y-srqy-tuap	moodle: IDOR when fetching report schedules A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.	CVE-2024-48901 GHSA-mg54-p2wj-5ph7
VCID-w61p-fp6w-jqa5	Moodle leaks user names A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site.	CVE-2024-48896 GHSA-cq5f-wv7p-5gfc

Vulnerability

Summary

Aliases

VCID-1a6w-k5qe-6yem

moodle: Some users can delete audiences of other reports A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.

CVE-2024-48898
GHSA-fjq9-452g-jg3q

VCID-1n62-5dj6-b3fv

moodle: IDOR in edit/delete RSS feed A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify.

CVE-2024-48897
GHSA-x3x9-349x-2485

VCID-v32y-srqy-tuap

moodle: IDOR when fetching report schedules A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.

CVE-2024-48901
GHSA-mg54-p2wj-5ph7

VCID-w61p-fp6w-jqa5

Moodle leaks user names A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site.

CVE-2024-48896
GHSA-cq5f-wv7p-5gfc

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-03T19:15:58.910981+00:00	GitLab Importer	Fixing	VCID-w61p-fp6w-jqa5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2024-48896.yml	37.0.0
2025-07-03T19:15:55.953623+00:00	GitLab Importer	Fixing	VCID-1a6w-k5qe-6yem	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2024-48898.yml	37.0.0
2025-07-03T19:15:55.018541+00:00	GitLab Importer	Fixing	VCID-1n62-5dj6-b3fv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2024-48897.yml	37.0.0
2025-07-03T19:15:53.978534+00:00	GitLab Importer	Fixing	VCID-v32y-srqy-tuap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2024-48901.yml	37.0.0
2025-07-03T13:57:26.797329+00:00	GitLab Importer	Fixing	VCID-w61p-fp6w-jqa5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2024-48896.yml	36.1.3
2025-07-03T13:57:26.597473+00:00	GitLab Importer	Fixing	VCID-1a6w-k5qe-6yem	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2024-48898.yml	36.1.3
2025-07-03T13:57:26.550624+00:00	GitLab Importer	Fixing	VCID-1n62-5dj6-b3fv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2024-48897.yml	36.1.3
2025-07-03T13:57:26.504701+00:00	GitLab Importer	Fixing	VCID-v32y-srqy-tuap	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2024-48901.yml	36.1.3
2025-07-01T14:35:51.356064+00:00	GHSA Importer	Fixing	VCID-1n62-5dj6-b3fv	https://github.com/advisories/GHSA-x3x9-349x-2485	36.1.3
2025-07-01T14:35:51.296946+00:00	GHSA Importer	Fixing	VCID-w61p-fp6w-jqa5	https://github.com/advisories/GHSA-cq5f-wv7p-5gfc	36.1.3
2025-07-01T14:35:51.148568+00:00	GHSA Importer	Fixing	VCID-v32y-srqy-tuap	https://github.com/advisories/GHSA-mg54-p2wj-5ph7	36.1.3
2025-07-01T14:35:50.931695+00:00	GHSA Importer	Fixing	VCID-1a6w-k5qe-6yem	https://github.com/advisories/GHSA-fjq9-452g-jg3q	36.1.3
2025-07-01T12:10:37.291871+00:00	GithubOSV Importer	Fixing	VCID-1n62-5dj6-b3fv	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/11/GHSA-x3x9-349x-2485/GHSA-x3x9-349x-2485.json	36.1.3
2025-07-01T12:10:36.067287+00:00	GithubOSV Importer	Fixing	VCID-1a6w-k5qe-6yem	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/11/GHSA-fjq9-452g-jg3q/GHSA-fjq9-452g-jg3q.json	36.1.3
2025-07-01T12:10:33.875795+00:00	GithubOSV Importer	Fixing	VCID-w61p-fp6w-jqa5	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/11/GHSA-cq5f-wv7p-5gfc/GHSA-cq5f-wv7p-5gfc.json	36.1.3
2025-07-01T12:10:33.633103+00:00	GithubOSV Importer	Fixing	VCID-v32y-srqy-tuap	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/11/GHSA-mg54-p2wj-5ph7/GHSA-mg54-p2wj-5ph7.json	36.1.3