CVE-2022-0333 - AskarLabs CVE Database

CVE-2022-0333

Vendor N/A

Product moodle

Weakness CWE-863 · Incorrect authorization

Published January 25, 2022

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events.

Key dates

02Disclosure timeline

January 25, 2022 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-0333 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/863.html

Related vulnerabilities

04Related CVE

CVE-2024-3033 Improper Authorization in mintplex-labs/anything-llm CVE-2025-1418 Information disclosure in Proget MDM CVE-2026-0997 Mattermost Zoom Plugin channel preference API lacks authorization checks CVE-2024-3404 Improper Access Control in gaizhenbiao/chuanhuchatgpt CVE-2026-42070 MantisBT: Authorization Bypass in Bugnote Editing via Issue Update API