CVE-2022-40208

Опубликовано: 24 мар. 2023

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt.

Ссылки

https://moodle.org/mod/forum/discuss.php?d=438761
Patch
Vendor Advisory
https://moodle.org/mod/forum/discuss.php?d=438761
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Версия от 3.9.0 (исключая) до 3.9.16 (исключая)

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Версия от 3.11.0 (исключая) до 3.11.9 (исключая)

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Версия от 4.0.0 (исключая) до 4.0.3 (исключая)

cpe:2.3:a:moodle:moodle:3.9.0:-:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:3.11.0:-:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:4.0.0:-:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00089

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-285

NVD-CWE-Other

Связанные уязвимости

CVE-2022-40208

CVSS3: 4.3

ubuntu

около 2 лет назад

In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt.

CVE-2022-40208

CVSS3: 4.3

debian

около 2 лет назад

In Moodle, insufficient limitations in some quiz web services made it ...

GHSA-948f-j464-rfj2

CVSS3: 4.3

github

около 2 лет назад

Moodle may allow students to bypass sequential navigation during a quiz attempt

EPSS

Процентиль: 27%

0.00089

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-285

NVD-CWE-Other