3 matches found
Moodle CMS 3.6.x <= 3.6.2 Authentication Bypass Vulnerability
Moodle CMS is prone to an authentication bypass vulnerability. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...
UBUNTU-CVE-2019-3852
A vulnerability was found in moodle before version 3.6.3. The getwithcapabilityjoin and getusersbycapability functions were not taking context freezing into account when checking user capabilities...
CVE-2019-3852
CVE-2019-3852 affects Moodle before 3.6.3. The issue, due to how the functions get_with_capability_join and get_users_by_capability check user capabilities, arises from failing to account for context freezing. The connected documents confirm the vulnerability details and do not provide exploitati...