CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25703

The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5 and 3.7 to 3.7.8. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, and 3.10.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.9%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2020-25703

Moodle » Moodle » Version: 3.7.0

cpe:2.3:a:moodle:moodle:3.7.0
Moodle » Moodle » Version: 3.7.1

cpe:2.3:a:moodle:moodle:3.7.1
Moodle » Moodle » Version: 3.7.2

cpe:2.3:a:moodle:moodle:3.7.2
Moodle » Moodle » Version: 3.7.3

cpe:2.3:a:moodle:moodle:3.7.3
Moodle » Moodle » Version: 3.7.4

cpe:2.3:a:moodle:moodle:3.7.4
Moodle » Moodle » Version: 3.7.5

cpe:2.3:a:moodle:moodle:3.7.5
Moodle » Moodle » Version: 3.7.6

cpe:2.3:a:moodle:moodle:3.7.6
Moodle » Moodle » Version: 3.7.7

cpe:2.3:a:moodle:moodle:3.7.7
Moodle » Moodle » Version: 3.7.8

cpe:2.3:a:moodle:moodle:3.7.8
Moodle » Moodle » Version: 3.8.0

cpe:2.3:a:moodle:moodle:3.8.0
Moodle » Moodle » Version: 3.8.1

cpe:2.3:a:moodle:moodle:3.8.1
Moodle » Moodle » Version: 3.8.2

cpe:2.3:a:moodle:moodle:3.8.2
Moodle » Moodle » Version: 3.8.3

cpe:2.3:a:moodle:moodle:3.8.3
Moodle » Moodle » Version: 3.8.4

cpe:2.3:a:moodle:moodle:3.8.4
Moodle » Moodle » Version: 3.8.5

cpe:2.3:a:moodle:moodle:3.8.5
Moodle » Moodle » Version: 3.9.0

cpe:2.3:a:moodle:moodle:3.9.0
Moodle » Moodle » Version: 3.9.1

cpe:2.3:a:moodle:moodle:3.9.1
Moodle » Moodle » Version: 3.9.2

cpe:2.3:a:moodle:moodle:3.9.2
Fedoraproject » Fedora » Version: 32

cpe:2.3:o:fedoraproject:fedora:32
Fedoraproject » Fedora » Version: 33

cpe:2.3:o:fedoraproject:fedora:33

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25703

Products

Pricing

Contact Us