CVE-2021-36392: Moodle SQL Injection vulnerability
9.8
CVSS Score
3.1
Basic Information
CVE ID
GHSA ID
EPSS Score
0.6298%
CWE
Published
3/6/2023
Updated
3/13/2023
KEV Status
No
Technology
PHP
PHPTechnical Details
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| moodle/moodle | composer | >= 3.11.0-beta, < 3.11.1 | 3.11.1 |
| moodle/moodle | composer | >= 3.10.0-beta, < 3.10.5 | 3.10.5 |
| moodle/moodle | composer | < 3.9.8 | 3.9.8 |
Vulnerability Intelligence
Miggo AI
Miggo AIRoot Cause Analysis
The vulnerability exists in the course enrollment fetching logic (CWE-89). Moodle's advisory references MDL-71241, which addresses SQL injection in enrollment queries. The primary function handling course enrollment data retrieval is enrol_get_my_courses in enrol/lib.php. The vulnerability stems from improper sanitization of user-controlled sorting parameters in SQL ORDER BY clauses, a common SQL injection vector when dynamic query construction is used without proper parameter binding. This matches the described risk pattern and affected component.