{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T09:39:47.750","vulnerabilities":[{"cve":{"id":"CVE-2021-43559","sourceIdentifier":"patrick@puiterwijk.org","published":"2021-11-22T16:15:08.287","lastModified":"2024-11-21T06:29:26.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The \"delete related badge\" functionality did not include the necessary token check to prevent a CSRF risk."},{"lang":"es","value":"Se encontró un fallo en Moodle en versiones 3.11 a 3.11.3, 3.10 a 3.10.7, 3.9 a 3.9.10 y versiones anteriores no soportadas. La funcionalidad \"delete related badge\" no incluía la comprobación de tokens necesaria para evitar un riesgo de tipo CSRF"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"patrick@puiterwijk.org","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionEndIncluding":"3.8.8","matchCriteriaId":"4217FD61-6104-4E75-9682-5B062DAE8F07"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.9.0","versionEndExcluding":"3.9.11","matchCriteriaId":"5A89EE08-E6AB-44F3-8FC1-16888828FA39"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.10.0","versionEndExcluding":"3.10.8","matchCriteriaId":"263E6DFA-1E01-4254-BFB8-DFFB2D9976EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11.0","versionEndExcluding":"3.11.4","matchCriteriaId":"9B915A05-16EC-43E4-9B4B-BCD5E5E1ABBF"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"3D9C7598-4BB4-442A-86DF-EEDE041A4CC7"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","matchCriteriaId":"80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2021517","source":"patrick@puiterwijk.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://moodle.org/mod/forum/discuss.php?d=429099","source":"patrick@puiterwijk.org","tags":["Patch","Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2021517","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://moodle.org/mod/forum/discuss.php?d=429099","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}