7.7
CVE-2024-43428
- EPSS 0.06%
- Veröffentlicht 07.11.2024 14:15:15
- Zuletzt bearbeitet 01.05.2025 16:01:48
- Quelle patrick@puiterwijk.org
- CVE-Watchlists
- Unerledigt
Moodle: cache poisoning via injection into storage
To address a cache poisoning risk in Moodle, additional validation for local storage was required.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.182 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
|
| patrick@puiterwijk.org | 7.7 | 2.5 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-345 Insufficient Verification of Data Authenticity
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.