Multiple vulnerabilities in Moodle
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 16 |
| CVE-ID | CVE-2024-43439 CVE-2024-43425 CVE-2024-43426 CVE-2024-43427 CVE-2024-43428 CVE-2024-43429 CVE-2024-43430 CVE-2024-43431 CVE-2024-43432 CVE-2024-43433 CVE-2024-43434 CVE-2024-43435 CVE-2024-43436 CVE-2024-43438 CVE-2024-43440 CVE-2024-43437 |
| CWE-ID | CWE-79 CWE-94 CWE-200 CWE-524 CWE-284 CWE-352 CWE-264 CWE-89 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
Moodle Web applications / Other software |
| Vendor | moodle.org |
Security Bulletin
This security bulletin contains information about 16 vulnerabilities.
1) Cross-site scripting
EUVDB-ID: #VU96225
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43439
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within H5P error message. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461209
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Code Injection
EUVDB-ID: #VU96253
Risk: Medium
CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Green]
CVE-ID: CVE-2024-43425
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation within calculated question types. A remote user can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461193
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
3) Information disclosure
EUVDB-ID: #VU96252
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-43426
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to insufficient sanitizing in the TeX notation filter. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461194
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU96251
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-43427
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the admin presets export tool includes some secrets that should not be exported. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461195
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use of cache containing sensitive information
EUVDB-ID: #VU96250
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-43428
CWE-ID:
CWE-524 - Use of Cache Containing Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise user accounts.
The vulnerability exists due to cache poisoning via injection into storage. A remote attacker can gain access to sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.1:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461196
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU96249
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-43429
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to user information visibility control issues in gradebook reports. A remote user can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.2:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461197
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper access control
EUVDB-ID: #VU96248
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-43430
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions when using external methods for Quiz overrides. A remote attacker can bypass implemented security restrictions and gain unauthorized access to the application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.4.0 - 4.4.1
CPE2.3 External linkshttps://moodle.org/mod/forum/discuss.php?d=461198
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper access control
EUVDB-ID: #VU96245
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-43431
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to the IDOR issue in badges. A remote user can delete badges without permission to access.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.3:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461199
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Information disclosure
EUVDB-ID: #VU96239
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-43432
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the authorization headers preserved between "emulated redirects". A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.4:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461200
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper access control
EUVDB-ID: #VU96238
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43433
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to Matrix room membership and power levels are not correctly applied/revoked for suspended Moodle users .
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.3.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.4.1:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461202
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Cross-site request forgery
EUVDB-ID: #VU96237
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43434
CWE-ID:
CWE-352 - Cross-Site Request Forgery (CSRF)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cross-site request forgery attacks.
The vulnerability exists due to insufficient validation of the HTTP request origin in Feedback non-respondents report. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.5:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461203
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU96236
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-43435
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insufficient capability checks. A remote user can create global glossary without being admin.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.6:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461205
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) SQL injection
EUVDB-ID: #VU96235
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43436
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data in XMLDB editor. A remote administrator can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.7:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461206
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Improper access control
EUVDB-ID: #VU96232
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-43438
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to the IDOR issue in Feedback non-respondents report. A remote attacker can message arbitrary site users.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.8:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Code Injection
EUVDB-ID: #VU96228
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-43440
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to local file inclusion when restoring malformed block backups. A remote attacker can execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.4.1:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461210
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Cross-site scripting
EUVDB-ID: #VU96226
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43437
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when restoring malicious course backup file. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMoodle: 4.1.0 - 4.4.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:4.4.1:*:*:*:*:*:*:*
https://moodle.org/mod/forum/discuss.php?d=461207
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
