VulnerableCode Vulnerability Details - VCID-amwe-thzu-fkcc

Search for vulnerabilities

Vulnerability details: VCID-amwe-thzu-fkcc

Essentials
Severities (12)
References (11)
Severity details (10)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-amwe-thzu-fkcc
Aliases	CVE-2014-0124 GHSA-fc5p-vj3h-x7g4
Summary	Moodle allows attackers to obtain sensitive information The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/override_form.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain sensitive information by using the (1) Forum or (2) Quiz module.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-264	Permissions, Privileges, and Access Controls
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916
generic_textual	MODERATE	http://openwall.com/lists/oss-security/2014/03/17/1
epss	0.00199	https://api.first.org/data/v1/epss?cve=CVE-2014-0124
epss	0.00199	https://api.first.org/data/v1/epss?cve=CVE-2014-0124
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-fc5p-vj3h-x7g4
generic_textual	MODERATE	https://github.com/moodle/moodle
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/2978623cda4521773fe2d45e04bee76601de487f
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/ae0ec61180ec71cb5b158633b0a3523a7ca41a82
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/db4e2c4cd47d48ebf06424d942bf603a8fa94d97
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/dc8f55c30211efd6fac80386e5b3bffef31cca13
generic_textual	MODERATE	https://moodle.org/mod/forum/discuss.php?d=256421
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2014-0124

Reference id	Reference type	URL
		http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916
		http://openwall.com/lists/oss-security/2014/03/17/1
		https://api.first.org/data/v1/epss?cve=CVE-2014-0124
		https://github.com/moodle/moodle
		https://github.com/moodle/moodle/commit/2978623cda4521773fe2d45e04bee76601de487f
		https://github.com/moodle/moodle/commit/ae0ec61180ec71cb5b158633b0a3523a7ca41a82
		https://github.com/moodle/moodle/commit/db4e2c4cd47d48ebf06424d942bf603a8fa94d97
		https://github.com/moodle/moodle/commit/dc8f55c30211efd6fac80386e5b3bffef31cca13
		https://moodle.org/mod/forum/discuss.php?d=256421
		https://nvd.nist.gov/vuln/detail/CVE-2014-0124
GHSA-fc5p-vj3h-x7g4		https://github.com/advisories/GHSA-fc5p-vj3h-x7g4

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.42386
EPSS Score	0.00199
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:28:54.190298+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-fc5p-vj3h-x7g4/GHSA-fc5p-vj3h-x7g4.json	36.1.3