7.3

CVSS Score

Basic Information

CVE ID

CVE-2023-30944

GHSA ID

GHSA-7mmc-22g7-3xq2

EPSS Score

CWE

CWE-89

Published

5/2/2023

Updated

4/19/2024

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-30944

CVE-2023-30944:
Moodle SQL Injection vulnerability

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.

(GitHub Advisory)

7.3

CVSS Score

Basic Information

CVE ID

CVE-2023-30944

GHSA ID

GHSA-7mmc-22g7-3xq2

EPSS Score

CWE

CWE-89

Published

5/2/2023

Updated

4/19/2024

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
moodle/moodle	composer	< 4.2.0-rc2	4.2.0-rc2

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from the pre-patch code in get_subwiki_pages() where user-supplied 'sortby' and 'sortdirection' parameters were concatenated into an SQL ORDER BY clause without proper whitelist validation. The patch introduced get_safe_orderby() to validate these parameters against a predefined list of allowed columns, confirming the original implementation lacked proper input sanitization for SQL query construction.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** vuln*r**ility w*s *oun* Moo*l* w*i** *xists *u* to insu**i*i*nt s*nitiz*tion o* us*r-suppli** **t* in *xt*rn*l Wiki m*t*o* *or listin* p***s. * r*mot* *tt**k*r **n s*n* * sp**i*lly *r**t** r*qu*st to t** *****t** *ppli**tion *n* *x**ut* limit** S

Reasoning

T** vuln*r**ility st*ms *rom t** pr*-p*t** *o** in **t_su*wiki_p***s() w**r* us*r-suppli** 'sort*y' *n* 'sort*ir**tion' p*r*m*t*rs w*r* *on**t*n*t** into *n SQL OR**R *Y *l*us* wit*out prop*r w*it*list v*li**tion. T** p*t** intro*u*** **t_s***_or**r*

7.3

Basic Information

Concerned about an active attack path?

CVE-2023-30944: Moodle SQL Injection vulnerability

7.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2023-30944:
Moodle SQL Injection vulnerability

Vulnerability Intelligence
Miggo AI