Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-43425

A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions.

Published

2024-11-07T14:15:15.280

Last Modified

2025-05-01T16:01:21.307

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-94
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application moodle moodle < 4.1.12 Yes
Application moodle moodle < 4.2.9 Yes
Application moodle moodle < 4.3.6 Yes
Application moodle moodle < 4.4.2 Yes
References