CVE-2019-10154

Опубликовано: 26 июн. 2019

Источник: debian

Описание

A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations.

Пакет	Статус	Версия исправления	Релиз	Тип
moodle	removed			package

CVE-2019-10154

CVSS3: 7.5

ubuntu

почти 6 лет назад

A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations.

CVE-2019-10154

CVSS3: 7.5

nvd

почти 6 лет назад

A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations.

GHSA-ww45-x87c-wgff

CVSS3: 7.5

github

около 3 лет назад

Moodle all messaging conversations could be viewed