CVE-2021-36392: Moodle SQL Injection vulnerability

CVSS Score (v3.1): 9.8

Basic Information

EPSS Score
0.6298%
Published
3/6/2023
Updated
3/13/2023
KEV Status
No
Technology
PHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package Name   | Ecosystem | Vulnerable Versions        | First Patched Version
moodle/moodle  | composer  | >= 3.11.0-beta, < 3.11.1   | 3.11.1
moodle/moodle  | composer  | >= 3.10.0-beta, < 3.10.5   | 3.10.5
moodle/moodle  | composer  | < 3.9.8                    | 3.9.8

Vulnerability Intelligence
Root Cause Analysis

The vulnerability exists in the course enrollment fetching logic (CWE-89). Moodle's advisory references MDL-71241, which addresses SQL injection in enrollment queries. The primary function handling course enrollment data retrieval is enrol_get_my_courses in enrol/lib.php. The vulnerability stems from improper sanitization of user-controlled sorting parameters in SQL ORDER BY clauses, a common SQL injection vector when dynamic query construction is used without proper parameter binding. This matches the described risk pattern and affected component.
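The pattern described above, a user-controlled sort value spliced into an ORDER BY clause, is shown below next to the usual fix. This is an added illustration written for this page, not Moodle's code and not the patched enrol_get_my_courses; the table, column names and the request-derived $sort value are all hypothetical. The point it makes is that ORDER BY cannot be covered by parameter binding, so the safe form maps the input onto a fixed allowlist of column/direction pairs rather than trying to escape it.

```php
<?php
// Added example, not Moodle's code. Table and column names are hypothetical;
// $sort is assumed to arrive from a request parameter.

// Vulnerable pattern: the sort expression is interpolated into the SQL text.
// ORDER BY identifiers cannot be bound as parameters, so prepared statements
// alone do not close this hole.
function build_courses_sql_unsafe(string $sort): string
{
    return "SELECT c.id, c.fullname FROM courses c ORDER BY $sort";
}

// Hardened pattern: the request value is only ever used as a lookup key into
// a fixed map. The SQL text is therefore always one of a finite, known set of
// strings, regardless of what the client sends.
const ALLOWED_SORTS = [
    'fullname'  => 'c.fullname ASC',
    'shortname' => 'c.shortname ASC',
    'startdate' => 'c.startdate DESC',
];

function build_courses_sql_safe(string $sort): string
{
    // Unknown keys fall back to a safe default instead of being rejected
    // loudly; either policy is fine as long as the input never reaches SQL.
    $orderby = ALLOWED_SORTS[$sort] ?? ALLOWED_SORTS['fullname'];
    return "SELECT c.id, c.fullname FROM courses c ORDER BY $orderby";
}

// Constructed inputs: one legitimate key and one value that is not a key.
foreach (['startdate', 'not_a_column'] as $input) {
    echo build_courses_sql_safe($input), PHP_EOL;
}
```

Running it prints two statements, both ending in an allowlisted ORDER BY expression; the second input, which is not a known key, is replaced by the default rather than being copied into the query. In detection terms, the same allowlist doubles as a check: a sort parameter that is not one of the known keys is a signal worth logging.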

WAF Protection Rules

WAF Rule

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.
