CVE-2023-30944

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-30944
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-30944.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-30944
Aliases
Downstream
Published
2023-05-02T20:15:11.013Z
Modified
2026-02-23T08:27:25.984592Z
Severity
  • 7.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
[none]
Details

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type
GIT
Repo
https://github.com/moodle/moodle
Events
Introduced
0ea3d45e04c3d54a3a472ddcb11606b30e227c50
Fixed
b2d07127484b34fa1489ccf554087dd7335ea396
Introduced
500c131eb49771e36f68d151dfa37fef5a9bc2df
Fixed
b90b0e6a8a32aa461b71c0ef762273330271395b
Introduced
8b359ad7a63cf219110bca80552fe3d4ea2a635d
Fixed
2caed2991ed05e936c0f08f4ce790594b3d9a6b1
Introduced
94f2d3fc4b974c5c7d500988c56b7ca15f58d7ec
Fixed
9d8ec047be18c48723224ed9f1531c49e08529ff

Affected versions

v3.*
v3.10.0
v3.10.0-beta
v3.10.0-rc1
v3.10.0-rc2
v3.11.0
v3.11.0-beta
v3.11.0-rc1
v3.11.0-rc2
v3.11.1
v3.11.10
v3.11.11
v3.11.12
v3.11.13
v3.11.2
v3.11.3
v3.11.4
v3.11.5
v3.11.6
v3.11.7
v3.11.8
v3.11.9
v3.9.0
v3.9.1
v3.9.10
v3.9.11
v3.9.12
v3.9.13
v3.9.14
v3.9.15
v3.9.16
v3.9.17
v3.9.18
v3.9.19
v3.9.2
v3.9.20
v3.9.3
v3.9.4
v3.9.5
v3.9.6
v3.9.7
v3.9.8
v3.9.9
v4.*
v4.0.0
v4.0.0-beta
v4.0.0-rc1
v4.0.0-rc2
v4.0.0-rc3
v4.0.0-rc4
v4.0.1
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.0.6
v4.0.7
v4.1.0
v4.1.1
v4.1.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-30944.json"