Lucene search
Veracode Vulnerability DatabaseVERACODE:27937HistoryNov 20, 2020 - 5:55 a.m.
Authorization Bypass
2020-11-2005:55:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
47.3%
moodle/moodle is vulnerable to authorization bypass. A teacher is able to un-enrol users without permission using course restore.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | v3.9.2 | |
| moodle/moodle | le | v3.10.0-rc2 | |
| moodle/moodle | le | v3.5.14 | |
| moodle/moodle | le | v3.8.5 | |
| moodle/moodle | le | v3.7.8 |
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-67837
bugzilla.redhat.com/show_bug.cgi?id=1895419
lists.fedoraproject.org/archives/list/[email protected]/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU/
lists.fedoraproject.org/archives/list/[email protected]/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6/
moodle.org/mod/forum/discuss.php?d=413935
Related
osv
osv
Improper Access Control in moodle
2021-03-29 20:42:46
BIT-moodle-2020-25698
2024-03-06 11:11:44
CVE-2020-25698
2020-11-19 17:15:12
github
github
Improper Access Control in moodle
2021-03-29 20:42:46
cve
cve
CVE-2020-25698
2020-11-19 17:15:12
prion
prion
Code injection
2020-11-19 17:15:00
nvd
nvd
CVE-2020-25698
2020-11-19 17:15:12
ubuntucve
ubuntucve
CVE-2020-25698
2020-11-19 00:00:00
cvelist
cvelist
CVE-2020-25698
2020-11-19 16:05:37
openvas
openvas
Moodle < 3.5.14, 3.7.x < 3.7.9, 3.8.x < 3.8.6, 3.9.x < 3.9.3 Multiple Vulnerabilities
2020-11-27 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2020-304aa2c365)
2020-11-28 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2020-db73e37548)
2020-11-28 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: moodle-3.9.3-1.fc33
2020-11-28 02:04:40
[SECURITY] Fedora 32 Update: moodle-3.8.6-1.fc32
2020-11-28 02:10:53
nessus
nessus
Fedora 33 : moodle (2020-304aa2c365)
2020-11-30 00:00:00
Fedora 32 : moodle (2020-db73e37548)
2020-11-30 00:00:00