GHSA-xhq3-455r-xv44
GitHub Security Advisory
Moodle SQL injection via user preferences
✓ GitHub Reviewed
CRITICAL
Has CVE
Advisory Details
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
Affected Packages
Packagist
moodle/moodle
Affected versions:
2.7
(fixed in 2.7.19)
Packagist
moodle/moodle
Affected versions:
3.0
(fixed in 3.0.9)
Packagist
moodle/moodle
Affected versions:
3.1
(fixed in 3.1.5)
Packagist
moodle/moodle
Affected versions:
3.2
(fixed in 3.2.2)
Related CVEs
Key Information
9.0
/10
Dataset
Last updated: August 3, 2025 6:48 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.