6.4 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
33.6%
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users’ calendar action events.
bugzilla.redhat.com/show_bug.cgi?id=2021519
github.com/moodle/moodle
moodle.org/mod/forum/discuss.php?d=429100
nvd.nist.gov/vuln/detail/CVE-2021-43560