CVE-2022-0983

State: PUBLISHED · Published: 2022-03-25 · Updated: 2024-08-02 · Assigner: redhat

Description

An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default.

CWE

CWE-89 — CWE-89

Affected

n/a / moodle — v=moodle 3.11.6, moodle 3.10.10, moodle 3.9.13 [affected]

CVSS

(none)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2064119 x_refsource_MISC
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4GRMWBGHOJMFXMTORECQNULJK7ZJJ6Y/ vendor-advisory, x_refsource_FEDORA

Source

cvelistV5-main/cves/2022/0xxx/CVE-2022-0983.json