Search for vulnerabilities
| Vulnerability ID | VCID-h159-uuxe-vfa1 |
| Aliases |
CVE-2012-2353
GHSA-mr97-gvvg-rhgh |
| Summary | Moodle Exposes Sensitive User Information Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| generic_textual | MODERATE | http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31923 |
| generic_textual | MODERATE | http://openwall.com/lists/oss-security/2012/05/23/2 |
| epss | 0.00176 | https://api.first.org/data/v1/epss?cve=CVE-2012-2353 |
| epss | 0.00176 | https://api.first.org/data/v1/epss?cve=CVE-2012-2353 |
| cvssv3.1_qr | MODERATE | https://github.com/advisories/GHSA-mr97-gvvg-rhgh |
| generic_textual | MODERATE | https://github.com/moodle/moodle |
| generic_textual | MODERATE | https://github.com/moodle/moodle/commit/a645b79113b2ee7881b6bdae64a0c2a9f04db5c7 |
| generic_textual | MODERATE | https://github.com/moodle/moodle/commit/ce13ea6ceb15f00c3cc6d40d79b06be39de7987a |
| generic_textual | MODERATE | https://github.com/moodle/moodle/commit/cfaa50a61d61719c65aa7e26f5444852931e07b6 |
| generic_textual | MODERATE | https://nvd.nist.gov/vuln/detail/CVE-2012-2353 |
| Percentile | 0.39717 |
| EPSS Score | 0.00176 |
| Published At | June 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-01T12:26:17.828577+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mr97-gvvg-rhgh/GHSA-mr97-gvvg-rhgh.json | 36.1.3 |