GHSA-gwf6-q6c2-94p3

Опубликовано: 31 мая 2024

Источник: github

Github: Прошло ревью

CVSS4: 8.7

CVSS3: 7.5

Описание

Moodle ReCAPTCHA can be bypassed on the login page

Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is utilized.

Ссылки

Пакеты

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 4.3.0, < 4.3.4

4.3.4

EPSS

Процентиль: 38%

0.00162

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2024-34009

Дефекты

CWE-20

Связанные уязвимости

CVE-2024-34009

CVSS3: 7.5

ubuntu

около 1 года назад

Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is utilized.

CVE-2024-34009

CVSS3: 7.5

nvd

около 1 года назад

Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is utilized.

CVE-2024-34009

CVSS3: 7.5

debian

около 1 года назад

Insufficient checks whether ReCAPTCHA was enabled made it possible to ...

ROS-20240701-03

CVSS3: 7.4

redos

12 месяцев назад

Множественные уязвимости moodle

EPSS

Процентиль: 38%

0.00162

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2024-34009

Дефекты

CWE-20