CVE-2024-48899

Опубликовано: 20 нояб. 2024

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=2318819
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Версия от 4.4.0 (включая) до 4.4.4 (исключая)

EPSS

Процентиль: 15%

0.00048

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-284

CWE-639

Связанные уязвимости

CVE-2024-48899

CVSS3: 4.3

ubuntu

7 месяцев назад

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to.

CVE-2024-48899

CVSS3: 4.3

debian

7 месяцев назад

A vulnerability was found in Moodle. Additional checks are required to ...

GHSA-r4xr-m393-778m

CVSS3: 4.3

github

7 месяцев назад

Moodle IDOR when accessing list of course badges

EPSS

Процентиль: 15%

0.00048

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-284

CWE-639