Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-3848

Опубликовано: 26 мар. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4
CVSS3: 4.3

Описание

A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Permissions were not correctly checked before loading event information into the calendar's edit event modal popup, so logged in non-guest users could view unauthorised calendar events. (Note: It was read-only access, users could not edit the events.)

РелизСтатусПримечание
bionic

not-affected

code not present
cosmic

not-affected

code not present
devel

not-affected

code not present
esm-apps/bionic

not-affected

code not present
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [code not present]]
precise/esm

DNE

trusty

not-affected

code not present
trusty/esm

DNE

trusty was not-affected [code not present]
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 34%
0.00133
Низкий

4 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-3848

CVSS3: 4.3
nvd
больше 6 лет назад

A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Permissions were not correctly checked before loading event information into the calendar's edit event modal popup, so logged in non-guest users could view unauthorised calendar events. (Note: It was read-only access, users could not edit the events.)

debian логотип

CVE-2019-3848

CVSS3: 4.3
debian
больше 6 лет назад

A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3 ...

github логотип

GHSA-45rw-4r25-jvg7

CVSS3: 4.3
github
около 3 лет назад

Moodle Logged in users could view all calendar events

EPSS

Процентиль: 34%
0.00133
Низкий

4 Medium

CVSS2

4.3 Medium

CVSS3