VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-z9b9-9bdd-rqfs

Essentials
Severities (13)
References (8)
Severity details (11)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-z9b9-9bdd-rqfs
Aliases	CVE-2017-7531 GHSA-w2pj-r8m3-r4jc
Summary	Moodle Information Disclosure In Moodle 3.3, the course overview block reveals activities in hidden courses.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-200	Exposure of Sensitive Information to an Unauthorized Actor
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00199	https://api.first.org/data/v1/epss?cve=CVE-2017-7531
epss	0.00199	https://api.first.org/data/v1/epss?cve=CVE-2017-7531
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-w2pj-r8m3-r4jc
cvssv3.1	4.3	https://github.com/moodle/moodle
generic_textual	MODERATE	https://github.com/moodle/moodle
cvssv3.1	4.3	https://github.com/moodle/moodle/commit/2fe7f706d7567babd6c7aeb6612f231d2ce2fb2f
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/2fe7f706d7567babd6c7aeb6612f231d2ce2fb2f
cvssv3.1	4.3	https://moodle.org/mod/forum/discuss.php?d=355555
generic_textual	MODERATE	https://moodle.org/mod/forum/discuss.php?d=355555
cvssv3.1	4.3	https://nvd.nist.gov/vuln/detail/CVE-2017-7531
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2017-7531
cvssv3.1	4.3	https://web.archive.org/web/20210124081202/http://www.securityfocus.com/bid/99618
generic_textual	MODERATE	https://web.archive.org/web/20210124081202/http://www.securityfocus.com/bid/99618

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2017-7531
		https://github.com/moodle/moodle
		https://github.com/moodle/moodle/commit/2fe7f706d7567babd6c7aeb6612f231d2ce2fb2f
		https://moodle.org/mod/forum/discuss.php?d=355555
		https://nvd.nist.gov/vuln/detail/CVE-2017-7531
		https://web.archive.org/web/20210124081202/http://www.securityfocus.com/bid/99618
		http://www.securityfocus.com/bid/99618
GHSA-w2pj-r8m3-r4jc		https://github.com/advisories/GHSA-w2pj-r8m3-r4jc

No exploits are available.

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/moodle/moodle

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/moodle/moodle/commit/2fe7f706d7567babd6c7aeb6612f231d2ce2fb2f

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://moodle.org/mod/forum/discuss.php?d=355555

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-7531

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://web.archive.org/web/20210124081202/http://www.securityfocus.com/bid/99618

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.42373
EPSS Score	0.00199
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:30:28.281780+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-w2pj-r8m3-r4jc/GHSA-w2pj-r8m3-r4jc.json	36.1.3