Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-p9hr-f4xj-8w8r

GitHub Security Advisory

Moodle included private user files in course backups

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

Moodle before 2.2.2 is vulnerable to information disclosure because course backups were including users' private files.

Affected Packages

Packagist moodle/moodle
Affected versions: 2.2 (fixed in 2.2.2)
Packagist moodle/moodle
Affected versions: 2.1 (fixed in 2.1.5)
Packagist moodle/moodle
Affected versions: 2.0 (fixed in 2.0.8)
Packagist moodle/moodle
Affected versions: 0 (fixed in 1.9.17)

Related CVEs

CVE-2012-1159

Key Information

GHSA ID
GHSA-p9hr-f4xj-8w8r
Published
April 23, 2022 12:40 AM
Last Modified
December 29, 2023 8:55 PM
CVSS Score
5.0 /10
Primary Ecosystem
Packagist
Primary Package
moodle/moodle
GitHub Reviewed
✓ Yes

Dataset

Last updated: September 14, 2025 6:31 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.