What is the severity of CVE-2022-30597?

The severity of CVE-2022-30597 is classified as moderate due to the exposure of user description fields that should be hidden.

How do I fix CVE-2022-30597?

To fix CVE-2022-30597, upgrade to Moodle versions 3.9.14, 3.10.11, 3.11.7, or 4.0.1.

CVE-2022-30597 affects Moodle versions 4.0, 3.11, 3.10, 3.9, and earlier unsupported versions.

Yes, there are patches available for CVE-2022-30597 in the latest Moodle releases.

CVE-2022-30597 exposes the user description field, which is not properly hidden when set as a hidden user field.

5.3

CWE

472

10/5/2022

18/5/2022

19/5/2022

3/8/2024

First published: Tue May 10 2022(Updated: )

A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.

Credit: patrick@puiterwijk.org

What is the severity of CVE-2022-30597?
The severity of CVE-2022-30597 is classified as moderate due to the exposure of user description fields that should be hidden.
How do I fix CVE-2022-30597?
To fix CVE-2022-30597, upgrade to Moodle versions 3.9.14, 3.10.11, 3.11.7, or 4.0.1.
Which versions of Moodle are affected by CVE-2022-30597?
CVE-2022-30597 affects Moodle versions 4.0, 3.11, 3.10, 3.9, and earlier unsupported versions.
Is there a patch for CVE-2022-30597?
Yes, there are patches available for CVE-2022-30597 in the latest Moodle releases.
What does the vulnerability CVE-2022-30597 expose?
CVE-2022-30597 exposes the user description field, which is not properly hidden when set as a hidden user field.