Lucene search
HistoryFeb 19, 2024 - 5:15 p.m.
CVE-2024-25979
forum search
url parameters
allowed
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
5.6
Confidence
High
EPSS
0
Percentile
15.5%
The URL parameters accepted by forum search were not limited to the allowed parameters.
Related
veracode
veracode
Improper Input Validation
2024-04-03 19:26:23
cvelist
cvelist
osv
osv
Improper Handling of Parameters in moodle
2024-02-19 18:31:32
BIT-moodle-2024-25979
2024-03-31 18:22:42
cve
cve
CVE-2024-25979
2024-02-19 17:15:08
ubuntucve
ubuntucve
CVE-2024-25979
2024-02-19 00:00:00
prion
prion
Code injection
2024-02-19 17:15:00
github
github
Improper Handling of Parameters in moodle
2024-02-19 18:31:32
vulnrichment
vulnrichment
openvas
openvas
Moodle 4.1.x < 4.1.9, 4.2.x < 4.2.5, 4.3.x < 4.3.3 Multiple Vulnerabilities
2024-02-20 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2024-d2f180202f)
2024-03-01 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: moodle-4.1.9-1.fc38
2024-02-29 02:00:34
nessus
nessus
Fedora 38 : moodle (2024-d2f180202f)
2024-02-29 00:00:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
5.6
Confidence
High
EPSS
0
Percentile
15.5%
Related for NVD:CVE-2024-25979