5 matches found
Access Control Bypass
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Access Control Bypass due to insufficient access control mechanisms implemented in the external API for quiz overrides. Remediation Upgrade moodle/moodle to version 4.4.2 or higher. References -...
CVE-2024-43430 Moodle: lack of access control when using external methods for quiz overrides
A flaw was found in moodle. External API access to Quiz can override contained insufficient access control...
CVE-2024-43430
Mode C: The CVE-2024-43430 entry concerns Moodle and describes an access-control weakness where external API access to Quiz can override contained access control. The connected documents reiterate Moodle-related details (external API for Quiz, insufficient access control) but do not specify affec...
Moodle 4.4.x < 4.4.2 Improper Access Control Vulnerability (MSA-24-0031)
Moodle is prone to an improper access control vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle";...
UBUNTU-CVE-2021-36399
In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk...