VulnerableCode Vulnerability Details - VCID-xn5k-t4zd-h7g4

Search for vulnerabilities

Vulnerability details: VCID-xn5k-t4zd-h7g4

Essentials
Severities (14)
References (13)
Severity details (12)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-xn5k-t4zd-h7g4
Aliases	CVE-2013-1831 GHSA-xr24-jp5c-6c4v
Summary	Moodle reveals absolute path in exception message lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-200	Exposure of Sensitive Information to an Unauthorized Actor
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36901
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
generic_textual	MODERATE	http://openwall.com/lists/oss-security/2013/03/25/2
epss	0.00357	https://api.first.org/data/v1/epss?cve=CVE-2013-1831
epss	0.00357	https://api.first.org/data/v1/epss?cve=CVE-2013-1831
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-xr24-jp5c-6c4v
generic_textual	MODERATE	https://github.com/moodle/moodle
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/2c7cdbb3b0b6ba4dd64297463d37a5acbd730216
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/53c66110a878f4f4644728138ea97c22990263e3
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/8d220cb552d9c55b98aef70e2f40ef560efeb79b
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/b3daaada49a2dd83a4f1e832465d5c318f9f275c
generic_textual	MODERATE	https://moodle.org/mod/forum/discuss.php?d=225342
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2013-1831

Reference id	Reference type	URL
		http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36901
		http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
		http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
		http://openwall.com/lists/oss-security/2013/03/25/2
		https://api.first.org/data/v1/epss?cve=CVE-2013-1831
		https://github.com/moodle/moodle
		https://github.com/moodle/moodle/commit/2c7cdbb3b0b6ba4dd64297463d37a5acbd730216
		https://github.com/moodle/moodle/commit/53c66110a878f4f4644728138ea97c22990263e3
		https://github.com/moodle/moodle/commit/8d220cb552d9c55b98aef70e2f40ef560efeb79b
		https://github.com/moodle/moodle/commit/b3daaada49a2dd83a4f1e832465d5c318f9f275c
		https://moodle.org/mod/forum/discuss.php?d=225342
		https://nvd.nist.gov/vuln/detail/CVE-2013-1831
GHSA-xr24-jp5c-6c4v		https://github.com/advisories/GHSA-xr24-jp5c-6c4v

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.57198
EPSS Score	0.00357
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:30:48.964374+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-xr24-jp5c-6c4v/GHSA-xr24-jp5c-6c4v.json	36.1.3