Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-5013

In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.

2017-01-20T08:59:00.220

2025-04-20T01:37:25.860

Deferred

CVSSv3.0: 5.4 (MEDIUM)

AV:N/AC:M/Au:N/C:P/I:P/A:N

8.6

4.9

Type	Vendor	Product	Version/Range	Vulnerable?
Application	moodle	moodle	≤ 2.7.14	Yes
Application	moodle	moodle	2.8.0	Yes
Application	moodle	moodle	2.8.1	Yes
Application	moodle	moodle	2.8.2	Yes
Application	moodle	moodle	2.8.3	Yes
Application	moodle	moodle	2.8.4	Yes
Application	moodle	moodle	2.8.5	Yes
Application	moodle	moodle	2.8.6	Yes
Application	moodle	moodle	2.8.7	Yes
Application	moodle	moodle	2.8.8	Yes
Application	moodle	moodle	2.8.9	Yes
Application	moodle	moodle	2.8.10	Yes
Application	moodle	moodle	2.8.11	Yes
Application	moodle	moodle	2.8.12	Yes
Application	moodle	moodle	2.9.0	Yes
Application	moodle	moodle	2.9.1	Yes
Application	moodle	moodle	2.9.2	Yes
Application	moodle	moodle	2.9.3	Yes
Application	moodle	moodle	2.9.4	Yes
Application	moodle	moodle	2.9.5	Yes
Application	moodle	moodle	2.9.6	Yes
Application	moodle	moodle	3.0.0	Yes
Application	moodle	moodle	3.0.1	Yes
Application	moodle	moodle	3.0.2	Yes
Application	moodle	moodle	3.0.3	Yes
Application	moodle	moodle	3.0.4	Yes
Application	moodle	moodle	3.1.0	Yes

http://www.securityfocus.com/bid/92040 Third Party Advisory, VDB Entry ([email protected])
https://moodle.org/mod/forum/discuss.php?d=336698 Mitigation, Patch, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/92040 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://moodle.org/mod/forum/discuss.php?d=336698 Mitigation, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)