BIT-moodle-2023-5542

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2023-5542.json

JSON Data

https://api.test.osv.dev/v1/vulns/BIT-moodle-2023-5542

Aliases

CVE-2023-5542
GHSA-8mm2-m2gp-c6x2

Published

2024-03-06T10:58:09.570Z

Modified

2025-05-20T10:02:07.006Z

Summary

Moodle: students can view other users in "only see own membership" groups

Details

Students in "Only see own membership" groups could see other students in the group, which should be hidden.

Database specific

{
    "cpes": [
        "cpe:2.3:a:moodle:moodle:4.2.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}

References

http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79213
https://bugzilla.redhat.com/show_bug.cgi?id=2243441
https://moodle.org/mod/forum/discuss.php?d=451583
https://nvd.nist.gov/vuln/detail/CVE-2023-5542

Affected packages

Bitnami / moodle

Package

Name: moodle
Purl: pkg:bitnami/moodle

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

4.2.2

Fixed

4.2.3