Описание
Moodle's AJAX section delete does not respect course_can_delete_section()
A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify.
Пакеты
moodle/moodle
< 4.1.18
4.1.18
moodle/moodle
>= 4.3.0-beta, < 4.3.12
4.3.12
moodle/moodle
>= 4.4.0-beta, < 4.4.8
4.4.8
moodle/moodle
>= 4.5.0-beta, < 4.5.4
4.5.4
Связанные уязвимости
A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify.
A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify.
A flaw was found in Moodle. Additional checks were required to prevent ...
Уязвимость функции course_can_delete_section() виртуальной обучающей среды Moodle, позволяющая нарушителю повысить свои привилегии
