Detections
Analytics
Moodle 3.11.x < 3.11.13 Multiple Vulnerabilities
critical Web App Scanning Plugin ID 114766
Language:
Synopsis
Moodle 3.11.x < 3.11.13 Multiple VulnerabilitiesDescription
According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.20, 3.11.x prior to 3.11.13, 4.0.x prior to 4.0.7 or 4.1.x prior to 4.1.2. It is, therefore, affected by multiple vulnerabilities.- The course participation report required additional checks to prevent roles being displayed which the user did not have access to view.
- Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.
- The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).
- If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk.
- Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk.
- Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.
- Insufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers).
Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Moodle version 3.11.13 or later.See Also
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75517
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75659
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76645
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76809
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77046
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77204
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77524
https://moodle.org/mod/forum/discuss.php?d=445061#p1788894
https://moodle.org/mod/forum/discuss.php?d=445062#p1788895
https://moodle.org/mod/forum/discuss.php?d=445063#p1788896
https://moodle.org/mod/forum/discuss.php?d=445064#p1788897
https://moodle.org/mod/forum/discuss.php?d=445065#p1788898
Plugin Details
Severity: Critical
ID: 114766
Type: remote
Family: Component Vulnerability
Published: 4/10/2025
Updated: 4/10/2025
Scan Template: basic, full, pci, scan
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2023-28333
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Score Source: CVE-2023-28333
Vulnerability Information
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 3/20/2023
Reference Information
CVE: CVE-2023-1402, CVE-2023-28329, CVE-2023-28330, CVE-2023-28331, CVE-2023-28332, CVE-2023-28333, CVE-2023-28336
OWASP: 2010-A1, 2010-A2, 2010-A4, 2010-A8, 2013-A1, 2013-A3, 2013-A4, 2013-A7, 2013-A9, 2017-A1, 2017-A5, 2017-A7, 2017-A9, 2021-A1, 2021-A3, 2021-A6
WASC: Cross-Site Scripting, Improper Input Handling, Insufficient Authorization, OS Commanding, SQL Injection
CAPEC: 10, 101, 104, 108, 109, 110, 120, 13, 135, 136, 14, 153, 182, 209, 22, 23, 230, 231, 24, 242, 250, 261, 267, 28, 3, 31, 35, 42, 43, 45, 46, 47, 470, 473, 52, 53, 588, 591, 592, 63, 64, 66, 67, 7, 71, 72, 73, 77, 78, 79, 8, 80, 81, 83, 85, 88, 9
DISA STIG: APSC-DV-000480, APSC-DV-002490, APSC-DV-002510, APSC-DV-002540, APSC-DV-002560, APSC-DV-002630
HIPAA: 164.306(a)(1), 164.306(a)(2), 164.312(a)(1), 164.312(e)
ISO: 27001-A.13.1.1, 27001-A.13.1.3, 27001-A.13.2.1, 27001-A.14.1.3, 27001-A.14.2.5
NIST: sp800_53-AC-4, sp800_53-CM-6b, sp800_53-SI-10
OWASP API: 2019-API7, 2019-API8, 2023-API8
OWASP ASVS: 4.0.2-14.2.1, 4.0.2-5.1.3, 4.0.2-5.2.5, 4.0.2-5.3.3, 4.0.2-5.3.4