3 matches found
Moodle 4.4.x < 4.4.4 Multiple Insecure Direct Object Reference
According to its self-reported version, the Moodle install hosted on the remote host is 4.4.x prior to 4.4.4. It is, therefore, affected by multiple insecure direct object reference. - An IDOR when accessing list of badge recipients. - An IDOR when accessing list of course badges. Note that the...
Unauthorized Data Access
moodle/moodle is vulnerable to Unauthorized Data Access. The vulnerability is due to insufficient validation checks, which allow an attacker to fetch the list of course badges for courses they are not authorized to access...
Moodle 安全漏洞
Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from the need to perform additional checks to ensure that users only ha...