Lucene search
FedoraVULNRICHMENT:CVE-2023-1402HistoryMar 23, 2023 - 12:00 a.m.
CVE-2023-1402 Moodle: course participation report shows roles the user should not see
2023-03-2300:00:00
CWE-200
fedora
github.com
7
moodle
participation report
security fix
roles
access.
The course participation report required additional checks to prevent roles being displayed which the user did not have access to view.
CNA Affected
[
{
"versions": [
{
"status": "affected",
"version": "4.1.0",
"lessThan": "4.1.2",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.0.0",
"lessThan": "4.0.7",
"versionType": "semver"
},
{
"status": "affected",
"version": "3.11.0",
"lessThan": "3.11.13",
"versionType": "semver"
},
{
"status": "affected",
"version": "0",
"lessThan": "3.9.20",
"versionType": "semver"
}
],
"packageName": "moodle",
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
github
github
Moodle may display roles to users who don't have access to them
2023-03-23 21:30:19
prion
prion
Design/Logic Flaw
2023-03-23 21:15:00
osv
osv
BIT-moodle-2023-1402
2024-03-06 11:01:34
Moodle may display roles to users who don't have access to them
2023-03-23 21:30:19
CVE-2023-1402
2023-03-23 21:15:19
cve
cve
CVE-2023-1402
2023-03-23 21:15:19
ubuntucve
ubuntucve
CVE-2023-1402
2023-03-23 00:00:00
veracode
veracode
Information Disclosure
2023-03-27 16:23:58
nvd
nvd
CVE-2023-1402
2023-03-23 21:15:19
nessus
nessus
Fedora 36 : moodle (2023-d9c13996b2)
2023-03-30 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: moodle-3.11.13-1.fc36
2023-03-30 01:16:28
openvas
openvas
Fedora: Security Advisory for moodle (FEDORA-2023-d9c13996b2)
2023-03-31 00:00:00
AI Score
6.7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-1402