Understanding Student Experiences with TLS Client Authentication
Mutual TLS (mTLS) provides strong, certificate-based authentication for both clients and servers, yet its adoption for user-facing websites remains rare. This paper presents a longitudinal study of mTLS usability, tracking 46 senior and graduate computer science students who configured client...
Linux Distros Unpatched Vulnerability : CVE-2025-62395
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing...
BIT-MOODLE-2025-62395 Moodle: external cohort search service leaks system cohort data
A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...
CVE-2025-62395
A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...
UBUNTU-CVE-2025-62395
A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...
Access Control Bypass
Overview: moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Access Control Bypass due to improperly enforced context-based capability checks in the external cohort search. An attacker can access restricted administrative data by leveraging permissions in...
CVE-2025-62395
CVE-2025-62395 affects Moodle LMS via a flaw in the cohort search web service. The issue allows users with permissions in lower contexts to access cohort information from the system context, potentially exposing restricted administrative data. The Connected documents confirm the vulnerability des...
CVE-2025-62395 Moodle: external cohort search service leaks system cohort data
A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...
EUVD-2025-35666
A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...
Moodle Security Vulnerability
Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that originates in the cohort search web service feature, where a context user wit...
PT-2025-43443
Name of the Vulnerable Software and Affected Versions: cohort search web service (affected versions not specified). Description: A flaw exists in the cohort search web service that allows users with limited permissions to access cohort information intended for system-level access. This results in the...
EUVD-2020-5422
Malware in sbrugna...
EUVD-2022-3932
Malicious code in bioql PyPI...
EUVD-2022-2680
Malicious code in bioql PyPI...
EUVD-2025-12515
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-3647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Moodle. Additional checks were required to ensure that users can only access cohort data they are authorized to retrieve. CVE-2025-3647...
Linux Distros Unpatched Vulnerability : CVE-2019-10133
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The form to upload cohorts contained a redirect field, which was not restricted to intern...