Lucene search
GoogleOSV:GHSA-X29X-QWVX-FXR2HistoryJun 18, 2024 - 9:30 p.m.
Moodle BigBlueButton web service leaks meeting joining information
2024-06-1821:30:36
Google
osv.dev
10
moodle
bigbluebutton
web service
meeting joining
information leakage
capability checks
unauthorized access
software
Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access.
References
github.com/moodle/moodle
github.com/moodle/moodle/commit/500cec575731fd8575569dcb5811535751dddae1
github.com/moodle/moodle/commit/647b9dc06409211018c9f28581504d096ce9e3a8
github.com/moodle/moodle/commit/6c0645ca29b195b5caaffc27d80f2ff715c33a48
github.com/moodle/moodle/commit/a10506b8d70609478fef156d489e0c7d727b6098
lists.fedoraproject.org/archives/list/[email protected]/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6
lists.fedoraproject.org/archives/list/[email protected]/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E
moodle.org/mod/forum/discuss.php?d=459498
nvd.nist.gov/vuln/detail/CVE-2024-38273
Related
vulnrichment
vulnrichment
veracode
veracode
Unauthorized Access
2024-06-19 04:01:53
cve
cve
CVE-2024-38273
2024-06-18 20:15:13
osv
osv
CVE-2024-38273
2024-06-18 20:15:00
cvelist
cvelist
github
github
Moodle BigBlueButton web service leaks meeting joining information
2024-06-18 21:30:36
nvd
nvd
CVE-2024-38273
2024-06-18 20:15:13
ubuntucve
ubuntucve
CVE-2024-38273
2024-06-18 00:00:00
nessus
nessus
Fedora 39 : moodle (2024-9df8ef935b)
2024-06-27 00:00:00
Fedora 40 : moodle (2024-020937763e)
2024-06-27 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: moodle-4.3.5-1.fc40
2024-06-27 02:04:09
[SECURITY] Fedora 39 Update: moodle-4.3.5-1.fc39
2024-06-27 01:43:43
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-9df8ef935b)
2024-06-27 00:00:00
Fedora: Security Advisory (FEDORA-2024-020937763e)
2024-06-27 00:00:00