Moodle is vulnerable to privilege escalation. Lack of proper access permission check for view grades allows users to access grade report for courses where they did not have the required gradereport/user:view capability.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | le | v3.11.4 | |
moodle/moodle | le | 3.10.8 | |
moodle/moodle | le | v3.9.11 | |
moodle/moodle | le | v3.11.4 | |
moodle/moodle | le | 3.10.8 | |
moodle/moodle | le | v3.9.11 |