CVE-2022-0983

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-0983
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0983.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-0983
Aliases
Downstream
Published
2022-03-25T19:15:10.400Z
Modified
2025-11-20T11:58:33.616503Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type
GIT
Repo
https://github.com/moodle/moodle
Events
Introduced
500c131eb49771e36f68d151dfa37fef5a9bc2df
Fixed
4e2c4bfaedc4057c3b22976757f9a2c845ba3124

Affected versions

v3.*

v3.9.0
v3.9.1
v3.9.10
v3.9.11
v3.9.12
v3.9.2
v3.9.3
v3.9.4
v3.9.5
v3.9.6
v3.9.7
v3.9.8
v3.9.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0983.json"