← Back

CVE-2022-30598

nvd nist
Published: May 18, 2022Modified: Nov 21, 2024

JSON object

Loading...
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it.

Affected (8)

Moodle
1 product
Moodle
Redhat
1 product
Enterprise Linux
Fedoraproject
1 product
Fedora
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Moodle
Moodle
From 3.10 to 3.10.11
Moodle
From 3.11 to 3.11.7
Moodle
From 3.9 to 3.9.14
Moodle
Version 4.0.0
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux
Version 8.0
Configuration C
3 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 34
Fedora
Version 35
Fedora
Version 36

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (12)

Source: patrick@puiterwijk.org
PatchVendor Advisory
Source: patrick@puiterwijk.org
Issue TrackingThird Party Advisory
Source: patrick@puiterwijk.org
Source: patrick@puiterwijk.org
Source: patrick@puiterwijk.org
Source: patrick@puiterwijk.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.