Search for vulnerabilities
| Vulnerability ID | VCID-am7n-yk56-5qcq |
| Aliases |
CVE-2010-1613
GHSA-j5rc-cr5w-vfg6 |
| Summary | Moodle Session Fixation vulnerability Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the "Regenerate session id during login" setting by default, which makes it easier for remote attackers to conduct session fixation attacks. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| generic_textual | MODERATE | http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html |
| generic_textual | MODERATE | http://moodle.org/security |
| epss | 0.00447 | https://api.first.org/data/v1/epss?cve=CVE-2010-1613 |
| epss | 0.00447 | https://api.first.org/data/v1/epss?cve=CVE-2010-1613 |
| cvssv3.1_qr | MODERATE | https://github.com/advisories/GHSA-j5rc-cr5w-vfg6 |
| generic_textual | MODERATE | https://github.com/moodle/moodle |
| generic_textual | MODERATE | https://nvd.nist.gov/vuln/detail/CVE-2010-1613 |
| Percentile | 0.62534 |
| EPSS Score | 0.00447 |
| Published At | June 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-01T12:30:46.201311+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-j5rc-cr5w-vfg6/GHSA-j5rc-cr5w-vfg6.json | 36.1.3 |