Search for vulnerabilities
Vulnerability details: VCID-np1c-zfp4-gkfc
Vulnerability ID VCID-np1c-zfp4-gkfc
Aliases CVE-2013-2081
GHSA-x3x8-fjw6-hccx
Summary Moodle does not consider "don't send" attributes during hub registration Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not consider "don't send" attributes during hub registration, which allows remote hubs to obtain sensitive site information by reading form data.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-284 Improper Access Control
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-264 Permissions, Privileges, and Access Controls
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual MODERATE http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37822
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106965.html
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106988.html
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107026.html
generic_textual MODERATE http://openwall.com/lists/oss-security/2013/05/21/1
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2013-2081
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2013-2081
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-x3x8-fjw6-hccx
generic_textual MODERATE https://github.com/moodle/moodle
generic_textual MODERATE https://github.com/moodle/moodle/commit/1d79b726d762bcc629c1a2a74cfa3eca5a7c5da7
generic_textual MODERATE https://github.com/moodle/moodle/commit/1fc34e37fdc57b4ec303cb942dc5d5535b953ed7
generic_textual MODERATE https://github.com/moodle/moodle/commit/4d65904bc132548a2ef4c2a40bf5ba2cffb5f68f
generic_textual MODERATE https://github.com/moodle/moodle/commit/54a3ce69e9ca751fffd0b3e0eb5be4add50de113
generic_textual MODERATE https://github.com/moodle/moodle/commit/60c468bcb3b6f867a70f2f30427b52e0362e93d1
generic_textual MODERATE https://github.com/moodle/moodle/commit/667eaec4d2679a8bc1fcd9f0ff17a1be2babccb0
generic_textual MODERATE https://github.com/moodle/moodle/commit/669dee58048b18d9034a7b2367b97a50b498b0e0
generic_textual MODERATE https://github.com/moodle/moodle/commit/a811e8ac56e49a174b68ceade81197c80be4b325
generic_textual MODERATE https://github.com/moodle/moodle/commit/be6281e2cbc2fb40b96a48c07c80883fa80cd1b7
generic_textual MODERATE https://github.com/moodle/moodle/commit/fd469033fa2c860647e48f3d543346503a37faa0
generic_textual MODERATE https://moodle.org/mod/forum/discuss.php?d=228933
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2013-2081
Reference id Reference type URL
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37822
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106965.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106988.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107026.html
http://openwall.com/lists/oss-security/2013/05/21/1
https://api.first.org/data/v1/epss?cve=CVE-2013-2081
https://github.com/moodle/moodle
https://github.com/moodle/moodle/commit/1d79b726d762bcc629c1a2a74cfa3eca5a7c5da7
https://github.com/moodle/moodle/commit/1fc34e37fdc57b4ec303cb942dc5d5535b953ed7
https://github.com/moodle/moodle/commit/4d65904bc132548a2ef4c2a40bf5ba2cffb5f68f
https://github.com/moodle/moodle/commit/54a3ce69e9ca751fffd0b3e0eb5be4add50de113
https://github.com/moodle/moodle/commit/60c468bcb3b6f867a70f2f30427b52e0362e93d1
https://github.com/moodle/moodle/commit/667eaec4d2679a8bc1fcd9f0ff17a1be2babccb0
https://github.com/moodle/moodle/commit/669dee58048b18d9034a7b2367b97a50b498b0e0
https://github.com/moodle/moodle/commit/a811e8ac56e49a174b68ceade81197c80be4b325
https://github.com/moodle/moodle/commit/be6281e2cbc2fb40b96a48c07c80883fa80cd1b7
https://github.com/moodle/moodle/commit/fd469033fa2c860647e48f3d543346503a37faa0
https://moodle.org/mod/forum/discuss.php?d=228933
https://nvd.nist.gov/vuln/detail/CVE-2013-2081
GHSA-x3x8-fjw6-hccx https://github.com/advisories/GHSA-x3x8-fjw6-hccx
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.63326
EPSS Score 0.00464
Published At June 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-01T12:25:48.656969+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-x3x8-fjw6-hccx/GHSA-x3x8-fjw6-hccx.json 36.1.3