Search for vulnerabilities
Vulnerability details: VCID-3fz6-js97-dude
Vulnerability ID VCID-3fz6-js97-dude
Aliases CVE-2013-1836
GHSA-664q-mrxx-2x2v
Summary Moodle does not properly manage privileges for WebDAV repositories Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-264 Permissions, Privileges, and Access Controls
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual MODERATE http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37852
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
generic_textual MODERATE http://openwall.com/lists/oss-security/2013/03/25/2
epss 0.00644 https://api.first.org/data/v1/epss?cve=CVE-2013-1836
epss 0.00644 https://api.first.org/data/v1/epss?cve=CVE-2013-1836
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-664q-mrxx-2x2v
generic_textual MODERATE https://github.com/moodle/moodle
generic_textual MODERATE https://github.com/moodle/moodle/commit/173a201f90941604ae1811a1b79089be4d78707c
generic_textual MODERATE https://github.com/moodle/moodle/commit/67c858414acb6564cd11f27adb9ffc75e9c8ba7f
generic_textual MODERATE https://github.com/moodle/moodle/commit/ac5fc5953426befb1232106ade9e42ff239d9b63
generic_textual MODERATE https://github.com/moodle/moodle/commit/c512e94e7c972c2ef398d49283edbbdc0cfe8ea1
generic_textual MODERATE https://github.com/moodle/moodle/commit/cb69d2584a0fda3f72cbb6974b155287bc6fcbab
generic_textual MODERATE https://github.com/moodle/moodle/commit/d5a3a922679f9314ffdc7e4769d78e920e588457
generic_textual MODERATE https://github.com/moodle/moodle/commit/e1be68f296addf57e80222e8a697931b0870c816
generic_textual MODERATE https://moodle.org/mod/forum/discuss.php?d=225348
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2013-1836
Reference id Reference type URL
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37852
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
http://openwall.com/lists/oss-security/2013/03/25/2
https://api.first.org/data/v1/epss?cve=CVE-2013-1836
https://github.com/moodle/moodle
https://github.com/moodle/moodle/commit/173a201f90941604ae1811a1b79089be4d78707c
https://github.com/moodle/moodle/commit/67c858414acb6564cd11f27adb9ffc75e9c8ba7f
https://github.com/moodle/moodle/commit/ac5fc5953426befb1232106ade9e42ff239d9b63
https://github.com/moodle/moodle/commit/c512e94e7c972c2ef398d49283edbbdc0cfe8ea1
https://github.com/moodle/moodle/commit/cb69d2584a0fda3f72cbb6974b155287bc6fcbab
https://github.com/moodle/moodle/commit/d5a3a922679f9314ffdc7e4769d78e920e588457
https://github.com/moodle/moodle/commit/e1be68f296addf57e80222e8a697931b0870c816
https://moodle.org/mod/forum/discuss.php?d=225348
https://nvd.nist.gov/vuln/detail/CVE-2013-1836
GHSA-664q-mrxx-2x2v https://github.com/advisories/GHSA-664q-mrxx-2x2v
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.69659
EPSS Score 0.00644
Published At June 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-01T12:26:53.393791+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-664q-mrxx-2x2v/GHSA-664q-mrxx-2x2v.json 36.1.3