EUVD-2022-1703

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-0984

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Users with the capability to configure badge criteria teachers and managers by default were able to configure course badges with profile field criteria, which...

Linux Distros Unpatched Vulnerability : CVE-2024-48899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended ...

BIT-MOODLE-2024-48899 Moodle: idor when accessing list of course badges

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to...

Moodle 4.4.x < 4.4.4 Multiple Insecure Direct Object Reference

According to its self-reported version, the Moodle install hosted on the remote host is 4.4.x prior to 4.4.4. It is, therefore, affected by multiple insecure direct object reference. - An IDOR when accessing list of badge recipients. - An IDOR when accessing list of course badges. Note that the...

Unauthorized Data Access

moodle/moodle is vulnerable to Unauthorized Data Access. The vulnerability is due to insufficient validation checks, which allow an attacker to fetch the list of course badges for courses they are not authorized to access...

Moodle IDOR when accessing list of course badges

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to...

GHSA-R4XR-M393-778M Moodle IDOR when accessing list of course badges

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to...

CVE-2024-48899

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to...

UBUNTU-CVE-2024-48899

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to...

Access Control Bypass

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Access Control Bypass due to insufficient access control checks in the process of fetching course badges. Remediation Upgrade moodle/moodle to version 4.4.4 or higher. References - GitHub Commit -...

CVE-2024-48899 Moodle: idor when accessing list of course badges

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to...

CVE-2024-48899 Moodle: idor when accessing list of course badges

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to...

CVE-2024-48899

CVE-2024-48899 affects Moodle with an insecure direct object reference (IDOR) when accessing the list of course badges. The root cause is insufficient access checks that allow unauthorized retrieval of badge-related data across courses. Affected information: course badge lists (and potentially ba...

PT-2024-33258 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: A vulnerability was found in Moodle, where additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to...

Moodle 安全漏洞

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from the need to perform additional checks to ensure that users only ha...

BIT-MOODLE-2022-0984

Users with the capability to configure badge criteria teachers and managers by default were able to configure course badges with profile field criteria, which should only be available for site badges...

CVE-2022-0984

Users with the capability to configure badge criteria teachers and managers by default were able to configure course badges with profile field criteria, which should only be available for site badges...

UBUNTU-CVE-2022-0984

Users with the capability to configure badge criteria teachers and managers by default were able to configure course badges with profile field criteria, which should only be available for site badges...

CVE-2022-0984

Users with the capability to configure badge criteria teachers and managers by default were able to configure course badges with profile field criteria, which should only be available for site badges...