Lucene search
GoogleOSV:CVE-2020-25698HistoryNov 19, 2020 - 5:15 p.m.
CVE-2020-25698
2020-11-1917:15:12
Google
osv.dev
8
moodle
user enrollment
permission
vulnerability
software security
Users’ enrollment capabilities were not being sufficiently checked in Moodle when they are restored into an existing course. This could lead to them unenrolling users without having permission to do so. Versions affected: 3.5 to 3.5.14, 3.7 to 3.7.8, 3.8 to 3.8.5, 3.9 to 3.9.2 and earlier unsupported versions. Fixed in 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.
References
bugzilla.redhat.com/show_bug.cgi?id=1895419
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6/
moodle.org/mod/forum/discuss.php?d=413935
Related
osv
osv
Improper Access Control in moodle
2021-03-29 20:42:46
BIT-moodle-2020-25698
2024-03-06 11:11:44
cve
cve
CVE-2020-25698
2020-11-19 17:15:12
github
github
Improper Access Control in moodle
2021-03-29 20:42:46
cvelist
cvelist
CVE-2020-25698
2020-11-19 16:05:37
ubuntucve
ubuntucve
CVE-2020-25698
2020-11-19 00:00:00
veracode
veracode
Authorization Bypass
2020-11-20 05:55:03
prion
prion
Code injection
2020-11-19 17:15:00
nvd
nvd
CVE-2020-25698
2020-11-19 17:15:12
openvas
openvas
Moodle < 3.5.14, 3.7.x < 3.7.9, 3.8.x < 3.8.6, 3.9.x < 3.9.3 Multiple Vulnerabilities
2020-11-27 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2020-304aa2c365)
2020-11-28 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2020-db73e37548)
2020-11-28 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: moodle-3.9.3-1.fc33
2020-11-28 02:04:40
[SECURITY] Fedora 32 Update: moodle-3.8.6-1.fc32
2020-11-28 02:10:53
nessus
nessus
Fedora 32 : moodle (2020-db73e37548)
2020-11-30 00:00:00
Fedora 33 : moodle (2020-304aa2c365)
2020-11-30 00:00:00