CVE-2017-7490
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-7490
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7490.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-7490
- Aliases
- Downstream
- Published
- 2017-05-15T14:29:00.293Z
- Modified
- 2025-11-20T11:02:02.208306Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing.
- References
Affected packages
Git / github.com/moodle/moodle
Affected ranges
- Type
- GIT
- Repo
- https://github.com/moodle/moodle
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
Affected versions
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.1.0
v1.1.1
v1.2.0
v1.2.1
v1.3.0
v2.*
v2.0.0
v2.0.0-rc1
v2.0.0-rc2
v2.0.1
v2.0.2
v2.1.0
v2.2.0
v2.2.0-beta
v2.2.0-rc1
v2.3.0
v2.3.0-beta
v2.3.0-rc1
v2.4.0
v2.4.0-beta
v2.4.0-rc1
v2.5.0
v2.5.0-beta
v2.5.0-rc1
v2.6.0
v2.6.0-beta
v2.6.0-rc1
v2.7.0
v2.7.0-beta
v2.7.0-rc1
v2.7.0-rc2
v2.8.0
v2.8.0-beta
v2.8.0-rc1
v2.8.0-rc2
v2.9.0
v2.9.0-beta
v2.9.0-rc1
v2.9.0-rc2
v3.*
v3.0.0
v3.0.0-beta
v3.0.0-rc1
v3.0.0-rc2
v3.0.0-rc3
v3.0.0-rc4
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5