Detections
Analytics
Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities
critical Web App Scanning Plugin ID 114699
Language:
Synopsis
Moodle 4.3.x < 4.3.10 Multiple VulnerabilitiesDescription
According to its self-reported version, the Moodle install hosted on the remote host is prior to 4.1.16 or 4.3.x prior to 4.3.10 or 4.4.x prior to 4.4.6 or 4.5.x prior to 4.5.2. It is, therefore, affected by multiple vulnerabilities.- An SQL injection risk was identified in the module list filter within course search.
- Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored.
- Insufficient capability checks made it possible to disable badges a user does not have permission to access.
- The upstream RequireJS library was upgraded, which included a security fix.
- The question bank filter required additional sanitizing to prevent a reflected XSS risk.
- Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.
- The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk.
- Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block.
- Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities.
- Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available (such as those with TeX Live installed).
Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update to Moodle version 4.3.10 or later.See Also
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79976
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82896
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-83941
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84003
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84023
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84136
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84145
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84239
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84271
https://moodle.org/mod/forum/discuss.php?d=466141#p1871271
https://moodle.org/mod/forum/discuss.php?d=466142#p1871272
https://moodle.org/mod/forum/discuss.php?d=466143#p1871273
https://moodle.org/mod/forum/discuss.php?d=466144#p1871274
https://moodle.org/mod/forum/discuss.php?d=466145#p1871275
https://moodle.org/mod/forum/discuss.php?d=466147#p1871277
https://moodle.org/mod/forum/discuss.php?d=466148#p1871278
Plugin Details
Severity: Critical
ID: 114699
Type: remote
Family: Component Vulnerability
Published: 4/10/2025
Updated: 4/10/2025
Scan Template: basic, full, pci, scan
Risk Information
VPR
Risk Factor: High
Score: 7.3
CVSS v2
Risk Factor: High
Base Score: 9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C
CVSS Score Source: CVE-2024-38999
CVSS v3
Risk Factor: Critical
Base Score: 10
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS Score Source: CVE-2024-38999
Vulnerability Information
CPE: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 2/23/2025
Reference Information
CVE: CVE-2024-38999, CVE-2025-26525, CVE-2025-26526, CVE-2025-26527, CVE-2025-26528, CVE-2025-26529, CVE-2025-26530, CVE-2025-26531, CVE-2025-26532, CVE-2025-26533
CWE: 1230, 1321, 552, 79, 863, 89
OWASP: 2010-A1, 2010-A2, 2010-A8, 2013-A1, 2013-A3, 2013-A7, 2013-A9, 2017-A1, 2017-A5, 2017-A7, 2017-A9, 2021-A1, 2021-A3, 2021-A6
WASC: Cross-Site Scripting, Insufficient Authorization, SQL Injection
CAPEC: 1, 108, 109, 110, 150, 180, 209, 470, 588, 591, 592, 63, 639, 66, 7, 77, 85
DISA STIG: APSC-DV-000460, APSC-DV-000480, APSC-DV-002490, APSC-DV-002540, APSC-DV-002560, APSC-DV-002630
HIPAA: 164.306(a)(1), 164.306(a)(2), 164.312(a)(1), 164.312(a)(2)(i), 164.312(e)
ISO: 27001-A.13.1.1, 27001-A.13.1.3, 27001-A.13.2.1, 27001-A.14.1.2, 27001-A.14.1.3, 27001-A.14.2.5, 27001-A.18.1.3, 27001-A.6.2.2, 27001-A.9.1.2, 27001-A.9.4.1, 27001-A.9.4.4, 27001-A.9.4.5
NIST: sp800_53-AC-3, sp800_53-AC-4, sp800_53-CM-6b, sp800_53-SI-10
OWASP API: 2019-API7, 2019-API8, 2023-API8
OWASP ASVS: 4.0.2-14.2.1, 4.0.2-5.3.1, 4.0.2-5.3.3, 4.0.2-5.3.4
PCI-DSS: 3.2-2.2, 3.2-6.2, 3.2-6.5, 3.2-6.5.1, 3.2-6.5.7, 3.2-6.5.8