Description
A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2023-1683 | A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions. |
Github GHSA |
GHSA-49mv-vfcp-8gg9 | Moodle vulnerable to SQL Injection |
References
History
Fri, 27 Feb 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: fedora
Published:
Updated: 2024-08-02T16:23:59.341Z
Reserved: 2023-06-13T00:00:00.000Z
Link: CVE-2023-35132
Updated: 2024-08-02T16:23:59.341Z
Status : Modified
Published: 2023-06-22T21:15:09.470
Modified: 2026-06-17T06:04:27.363
Link: CVE-2023-35132
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
EUVD
Github GHSA