Privilage Escalation in moodle

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

UBUNTU-CVE-2020-25701

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

CVE-2020-25701

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

CVE-2020-25701

CVE-2020-25701 describes a Moodle vulnerability where the upload course tool would erroneously enable an enrollment method when deleting one that didn’t exist or wasn’t enabled, potentially letting unintended users access a course. Affected versions include Moodle 3.9.x (3.9.2 and earlier), 3.8.x...

Moodle 访问控制错误漏洞

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from an access control error vulnerability that stems from the fact that if the Upload Course tool is used to delete an...

PT-2020-16163 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.5 to 3.5.14 Moodle versions 3.7 to 3.7.8 Moodle versions 3.8 to 3.8.5 Moodle versions 3.9 to 3.9.2 Description: The upload course tool in Moodle contains an issue where deleting a non-existent or disabled enrollment method...