Описание
A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.
Ссылки
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.0.0 (включая) до 5.0.3 (исключая)
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00032
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 4.3
ubuntu
около 2 месяцев назад
A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.
CVSS3: 4.3
debian
около 2 месяцев назад
A flaw was found in the course overview output function where user acc ...
CVSS3: 4.3
github
около 2 месяцев назад
Moodle course access permissions are not properly checked in course_output_fragment_course_overview
EPSS
Процентиль: 9%
0.00032
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-284