Moodle security update-CVE-2020-14321

April 22, 2022

NAME

MoodleMoodle

  • Platforms Affected:
    Moodle

  • Risk Level:
    high

  • CVE Type:
    Privilege escalation

DESCRIPTION

CVE-2020-14321 is a privilege escalation vulnerability impacting multiple versions of Moodle. A Metasploit module was observed in open source and a link to an exploit was shared in the underground. Additionally, a walk-through demo of an exploit was shared via YouTube.

CVSS Information:

  • CVSS 2.0 SCORE: 4.3
  • CVSS 3.0 SCORE: 5.9

  • Exploit Disclosed in the Public:
    true

  • Exploit Weaponised:
    true

  • PoC Link:
    hXXps://www[.]exploit-db[.]com/exploits/50180

MITIGATION

Moodle addressed the vulnerability in a security advisory with updated versions.

  • Reference Link:
    https://moodle.org/mod/forum/discuss.php?d=407393

  • Patch Available:
    available

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

Digital Patreon Wordmark FieryCoralv2
Tags: , ,

You may have missed

image

[INCRANSOM] – Ransomware Victim: VZW Avalon

October 31, 2025
2ca7d16d584b17da4115e413eb3205853f95dc1a60caf39f3671d89a59269145

Ai Layoffs To Backfire: Half Quietly Rehired At Lower Pay

October 31, 2025
image

[BLACKSHRANTAC] – Ransomware Victim: The Matlusky Firm LLC

October 31, 2025
image

[QILIN] – Ransomware Victim: bagnoles[.]nl

October 31, 2025
image

[BLACKSHRANTAC] – Ransomware Victim: ApleNet Co[.], Ltd

October 31, 2025