Lucene search

FedoraCVELIST:CVE-2022-30599

HistoryMay 18, 2022 - 5:09 p.m.

CVE-2022-30599

2022-05-1817:09:01

CWE-89

fedora

www.cve.org

10 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.4%

JSON

A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.

CNA Affected

[
  {
    "product": "moodle",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Affects : 4.0, 3.11 to 3.11.6, 3.10 to 3.10.10, 3.9 to 3.9.13 and earlier unsupported versions"
      }
    ]
  }
]

References

git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74333

bugzilla.redhat.com/show_bug.cgi?id=2083610

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/

moodle.org/mod/forum/discuss.php?d=434581