Search for vulnerabilities
Vulnerability details: VCID-wcmd-cnkc-pbby
Vulnerability ID VCID-wcmd-cnkc-pbby
Aliases CVE-2013-2080
GHSA-wmmc-qjq2-vvm2
Summary Moodle is vulnerable to Sensitive Information Disclosure The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly consider the existence of hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role and reading the Gradebook Overview report.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-264 Permissions, Privileges, and Access Controls
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual MODERATE http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37475
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106965.html
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106988.html
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107026.html
generic_textual MODERATE http://openwall.com/lists/oss-security/2013/05/21/1
epss 0.00423 https://api.first.org/data/v1/epss?cve=CVE-2013-2080
epss 0.00423 https://api.first.org/data/v1/epss?cve=CVE-2013-2080
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-wmmc-qjq2-vvm2
generic_textual MODERATE https://github.com/moodle/moodle
generic_textual MODERATE https://github.com/moodle/moodle/commit/4b280ca67972479b4b86dd8861bcbeb8c06e41f9
generic_textual MODERATE https://github.com/moodle/moodle/commit/5df9bc3998095299c6862973866252649a5e0866
generic_textual MODERATE https://github.com/moodle/moodle/commit/bf5f227817ec65cfdf76d4bdc961af81a701bc31
generic_textual MODERATE https://moodle.org/mod/forum/discuss.php?d=228931
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2013-2080
Reference id Reference type URL
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37475
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106965.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106988.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107026.html
http://openwall.com/lists/oss-security/2013/05/21/1
https://api.first.org/data/v1/epss?cve=CVE-2013-2080
https://github.com/moodle/moodle
https://github.com/moodle/moodle/commit/4b280ca67972479b4b86dd8861bcbeb8c06e41f9
https://github.com/moodle/moodle/commit/5df9bc3998095299c6862973866252649a5e0866
https://github.com/moodle/moodle/commit/bf5f227817ec65cfdf76d4bdc961af81a701bc31
https://moodle.org/mod/forum/discuss.php?d=228931
https://nvd.nist.gov/vuln/detail/CVE-2013-2080
GHSA-wmmc-qjq2-vvm2 https://github.com/advisories/GHSA-wmmc-qjq2-vvm2
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.61211
EPSS Score 0.00423
Published At June 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-01T12:30:19.968030+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wmmc-qjq2-vvm2/GHSA-wmmc-qjq2-vvm2.json 36.1.3