VulnerableCode Vulnerability Details - VCID-yf7v-fq77-7fgs

Search for vulnerabilities

Vulnerability details: VCID-yf7v-fq77-7fgs

Essentials
Severities (14)
References (13)
Severity details (12)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-yf7v-fq77-7fgs
Aliases	CVE-2013-1832 GHSA-pgp5-rcwp-qvfg
Summary	Moodle includes the WebDAV password in the configuration form repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-200	Exposure of Sensitive Information to an Unauthorized Actor
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37681
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
generic_textual	MODERATE	http://openwall.com/lists/oss-security/2013/03/25/2
epss	0.00232	https://api.first.org/data/v1/epss?cve=CVE-2013-1832
epss	0.00232	https://api.first.org/data/v1/epss?cve=CVE-2013-1832
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-pgp5-rcwp-qvfg
generic_textual	MODERATE	https://github.com/moodle/moodle
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/0e94caf991d4e399726e5dc0769873d9f753a727
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/46eec6e46b89a7e8e3f08e460d917f2d1a2959d8
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/92e592385784ec7ea5b5328a0c3c1608d321ad32
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/ce96f23fe15ce6addc2f56af015452c3ea406190
generic_textual	MODERATE	https://moodle.org/mod/forum/discuss.php?d=225343
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2013-1832

Reference id	Reference type	URL
		http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37681
		http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
		http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
		http://openwall.com/lists/oss-security/2013/03/25/2
		https://api.first.org/data/v1/epss?cve=CVE-2013-1832
		https://github.com/moodle/moodle
		https://github.com/moodle/moodle/commit/0e94caf991d4e399726e5dc0769873d9f753a727
		https://github.com/moodle/moodle/commit/46eec6e46b89a7e8e3f08e460d917f2d1a2959d8
		https://github.com/moodle/moodle/commit/92e592385784ec7ea5b5328a0c3c1608d321ad32
		https://github.com/moodle/moodle/commit/ce96f23fe15ce6addc2f56af015452c3ea406190
		https://moodle.org/mod/forum/discuss.php?d=225343
		https://nvd.nist.gov/vuln/detail/CVE-2013-1832
GHSA-pgp5-rcwp-qvfg		https://github.com/advisories/GHSA-pgp5-rcwp-qvfg

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.45956
EPSS Score	0.00232
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:28:50.528595+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-pgp5-rcwp-qvfg/GHSA-pgp5-rcwp-qvfg.json	36.1.3