BIT-moodle-2023-1402

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2023-1402.json

JSON Data

https://api.test.osv.dev/v1/vulns/BIT-moodle-2023-1402

Aliases

Published

2024-03-06T11:01:34.997Z

Modified

2025-05-20T10:02:07.006Z

Summary

Moodle: course participation report shows roles the user should not see

Details

The course participation report required additional checks to prevent roles being displayed which the user did not have access to view.

Database specific

{
    "severity": "Medium",
    "cpes": [
        "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.11.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.9.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:4.0.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:4.1.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:4.1.1:*:*:*:*:*:*:*"
    ]
}

References

Affected packages

Bitnami / moodle

Package

Name: moodle
Purl: pkg:bitnami/moodle

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

3.9.0

Fixed

3.9.20

Introduced

3.11.0

Fixed

3.11.13

Introduced

4.0.0

Fixed

4.0.7

Introduced

4.1.0

Fixed

4.1.2

Database specific

source

"https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2023-1402.json"