Vulnerability Database
Blog
FAQ
Docs
BIT-moodle-2024-25979
See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2024-25979.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-moodle-2024-25979
Aliases
CVE-2024-25979
GHSA-6vjf-48fh-vxxj
Published
2024-03-31T18:22:42.352Z
Modified
2024-05-24T07:53:33.063Z
Summary
[none]
Details
The URL parameters accepted by forum search were not limited to the allowed parameters.
References
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69774
https://bugzilla.redhat.com/show_bug.cgi?id=2264095
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/
https://moodle.org/mod/forum/discuss.php?d=455635
Affected packages
Bitnami
/
moodle
Package
Name
moodle
Purl
pkg:bitnami/moodle
Severity
5.3 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS Calculator
Affected ranges
Type
SEMVER
Events
Introduced
4.3.0
Fixed
4.3.3
Introduced
4.2.0
Fixed
4.2.6
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
4.1.9
BIT-moodle-2024-25979 - OSV