BIT-moodle-2024-34009

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2024-34009.json

JSON Data

https://api.test.osv.dev/v1/vulns/BIT-moodle-2024-34009

Aliases

CVE-2024-34009
GHSA-gwf6-q6c2-94p3

Published

2025-05-31T05:57:48.365Z

Modified

2025-05-31T06:41:52.551452Z

Summary

moodle: ReCAPTCHA can be bypassed on the login page

Details

Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is utilized.

Database specific

{
    "severity": "High",
    "cpes": [
        "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*"
    ]
}

References

https://moodle.org/mod/forum/discuss.php?d=458398
https://nvd.nist.gov/vuln/detail/CVE-2024-34009

Affected packages

Bitnami / moodle

Package

Name: moodle
Purl: pkg:bitnami/moodle

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

4.3.0

Fixed

4.3.4