CVE-2023-35132
- Source
- https://cve.org/CVERecord?id=CVE-2023-35132
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-35132.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-35132
- Aliases
- Downstream
- Published
- 2023-06-22T21:15:09.470Z
- Modified
- 2026-02-13T02:38:16.149792Z
- Severity
-
- 6.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
- Summary
- [none]
- Details
-
A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.
- References
-
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/
- https://moodle.org/mod/forum/discuss.php?d=447830
- https://bugzilla.redhat.com/show_bug.cgi?id=2214371
- https://moodle.org/mod/forum/discuss.php?d=447830
Affected packages
Git / github.com/moodle/moodle
Affected ranges
- Type
- GIT
- Repo
- https://github.com/moodle/moodle
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixedIntroducedFixedIntroducedFixed