3 matches found
CVE-2024-25983 Msa-24-0006: idor on dashboard comments block
Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available e.g., on their profile page...
CVE-2024-25983
The CVE-2024-25983 entry concerns Moodle where insufficient checks in a web service allow adding comments to the comments block on another user’s dashboard (e.g., their profile) when not normally available. This is an authorization/IDOR-like issue affecting the dashboard comments feature. The cor...
CVE-2024-25983 Msa-24-0006: idor on dashboard comments block
Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available e.g., on their profile page...