CVE-2022-0332

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-0332
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-0332.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-0332
Aliases
Downstream
Published
2022-01-25T20:15:08.750Z
Modified
2025-11-14T12:42:30.194341Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type
GIT
Repo
https://github.com/moodle/moodle
Events
Introduced
94f2d3fc4b974c5c7d500988c56b7ca15f58d7ec
Fixed
a59bec2a6f3c093ebe3b8eb0316c07188a4a339e

Affected versions

v3.*

v3.11.0
v3.11.1
v3.11.2
v3.11.3
v3.11.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-0332.json"