CVE-2017-7489

MEDIUM

Moodle 2.x-3.x - Privilege Escalation

Title source: llm

In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.

CVSS v3 6.3

EPSS 0.0032

EPSS Percentile 54.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-269

Status published

Products (50)

moodle/moodle

... and 40 more

Published May 15, 2017

Tracked Since Feb 18, 2026