11 matches found
BIT-MOODLE-2024-48900 Moodle: idor when accessing list of badge recipients
A vulnerability was found in Moodle. Additional checks are required to ensure users with permission to view badge recipients can only access lists of those they are intended to have access to...
Moodle 4.0.x < 4.0.12 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.25 / 3.11.x prior to 3.11.18 / 4.0.x prior to 4.0.12 / 4.1.x prior to 4.1.7 / 4.2.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities: - XSS risk when manually running a task ...
Moodle 3.11.x < 3.11.18 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.25 / 3.11.x prior to 3.11.18 / 4.0.x prior to 4.0.12 / 4.1.x prior to 4.1.7 / 4.2.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities: - XSS risk when manually running a task ...
Moodle 4.1.x < 4.1.7 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.25 / 3.11.x prior to 3.11.18 / 4.0.x prior to 4.0.12 / 4.1.x prior to 4.1.7 / 4.2.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities: - XSS risk when manually running a task ...
Moodle 4.4.x < 4.4.4 Multiple Insecure Direct Object Reference
According to its self-reported version, the Moodle install hosted on the remote host is 4.4.x prior to 4.4.4. It is, therefore, affected by multiple insecure direct object reference. - An IDOR when accessing list of badge recipients. - An IDOR when accessing list of course badges. Note that the...
Unauthorized Data Access
moodle/moodle is vulnerable to Unauthorized Data Access. The vulnerability is due to insufficient access control checks, allowing users with permission to view badge recipients to access unintended lists...
Moodle IDOR when accessing list of badge recipients
A vulnerability was found in Moodle. Additional checks are required to ensure users with permission to view badge recipients can only access lists of those they are intended to have access to...
CVE-2024-48900
A vulnerability was found in Moodle. Additional checks are required to ensure users with permission to view badge recipients can only access lists of those they are intended to have access to...
CVE-2024-48900
CVE-2024-48900 (Moodle) : A location-based IDOR vulnerability in Moodle allows users with permission to view badge recipients to access lists they should not see. Root cause: insufficient access-control checks when fetching badge recipient lists. Impact: potential information exposure of badge re...
CVE-2024-48900 Moodle: idor when accessing list of badge recipients
A vulnerability was found in Moodle. Additional checks are required to ensure users with permission to view badge recipients can only access lists of those they are intended to have access to...
Moodle 信息泄露漏洞
Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from an information disclosure vulnerability that stems from the need for additional checks to ensure that onl...