BIT-moodle-2022-0335
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2022-0335.json
- JSON Data
- https://api.osv.dev/v1/vulns/BIT-moodle-2022-0335
- Aliases
-
- CVE-2022-0335
- GHSA-xpfv-89vg-r562
- Published
- 2024-03-06T11:05:44.512Z
- Modified
- 2024-03-06T11:25:28.861Z
- Summary
- [none]
- Details
-
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk.
- Database specific
{ "cpes": [ "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*" ], "severity": "High" }- References
Affected packages
Bitnami / moodle
Package
- Name
- moodle
- Purl
- pkg:bitnami/moodle
Severity
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator