High severityNVD Advisory· Published Mar 25, 2022· Updated Aug 2, 2024
CVE-2022-0983
CVE-2022-0983
Description
An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 3.11.0, < 3.11.6 | 3.11.6 |
moodle/moodlePackagist | >= 3.10.0, < 3.10.10 | 3.10.10 |
moodle/moodlePackagist | < 3.9.13 | 3.9.13 |
Affected products
2- osv-coords2 versions
>= 3.9.0, < 3.9.13+ 1 more
- (no CPE)range: >= 3.9.0, < 3.9.13
- (no CPE)range: >= 3.11.0, < 3.11.6
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-h2fw-93qx-vrcqghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4GRMWBGHOJMFXMTORECQNULJK7ZJJ6Y/mitrevendor-advisoryx_refsource_FEDORA
- nvd.nist.gov/vuln/detail/CVE-2022-0983ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsax_refsource_MISCWEB
- github.com/moodle/moodle/commit/c2794752ea3cdda2d64a0651da08b2cdf730d9f1ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4GRMWBGHOJMFXMTORECQNULJK7ZJJ6YghsaWEB
News mentions
0No linked articles in our index yet.