GCVE - cpe:2.3:a:moodle:moodle:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:moodle:moodle:-:*:*:*:*:*:*:*

part: a version: - update: *

Vendor	Moodle (`1f527b56-744d-5be6-b0f4-b691bd50b8c3`)
Product	Moodle (`221dc9da-2dde-53d2-a358-e0cb5ac858f7`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:docker/bitnami/moodle`	purl2cpe	2026-06-01 10:13:13.699069
`pkg:github/moodle/moodle`	purl2cpe	2026-06-01 10:13:13.699070
`pkg:rpm/fedora/moodle`	purl2cpe	2026-06-01 10:13:13.699072
`pkg:rpm/opensuse/moodle`	purl2cpe	2026-06-01 10:13:13.699073

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-45690`	vulnerable	2026-06-08 06:48:08.912877	Moodle: idor when deleting oauth2 linked accounts A flaw was found in Moodle. Additional checks were required to ensure users can only delete their OAuth2-linked accounts. Published: 2024-11-20T10:23:38.420Z Updated: 2024-11-27T14:15:55.442Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=2309939 https://moodle.org/security/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-43439`	vulnerable	2026-06-08 06:45:51.323422	Moodle: reflected xss via h5p error message MEDIUM (5.4) A flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk. Published: 2024-11-11T16:00:39.212Z Updated: 2024-11-12T14:55:08.278Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=2304268 https://moodle.org/mod/forum/discuss.php?d=461209	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-43430`	vulnerable	2026-06-08 06:45:51.319734	Moodle: lack of access control when using external methods for quiz overrides MEDIUM (5.3) A flaw was found in moodle. External API access to Quiz can override contained insufficient access control. Published: 2024-11-11T12:15:36.451Z Updated: 2024-11-12T15:01:22.872Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=2304258 https://moodle.org/mod/forum/discuss.php?d=461198	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-5546`	vulnerable	2026-06-08 06:19:43.993458	Moodle: stored xss in quiz grading report via user id number MEDIUM (4.3) ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Published: 2023-11-09T19:34:21.895Z Updated: 2024-08-02T07:59:44.768Z Open on db.gcve.eu Reference links http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78971 https://bugzilla.redhat.com/show_bug.cgi?id=2243445 https://moodle.org/mod/forum/discuss.php?d=451587	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-5542`	vulnerable	2026-06-08 06:19:43.983757	Moodle: students can view other users in "only see own membership" groups LOW (3.3) Students in "Only see own membership" groups could see other students in the group, which should be hidden. Published: 2023-11-09T19:27:38.733Z Updated: 2024-08-02T07:59:44.790Z Open on db.gcve.eu Reference links http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79213 https://bugzilla.redhat.com/show_bug.cgi?id=2243441 https://moodle.org/mod/forum/discuss.php?d=451583	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-28330`	vulnerable	2026-06-08 06:01:10.368069	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-28329`	vulnerable	2026-06-08 06:01:10.361295	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.