Lucene search
GoogleOSV:GHSA-2M72-M5CW-3G9HHistoryMay 24, 2022 - 5:44 p.m.
Missing permission check in Moodle
2022-05-2417:44:37
Google
osv.dev
4
moodle
web service
permission validation
enrolled courses
software vulnerability
The web service responsible for fetching other users’ enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
References
bugzilla.redhat.com/show_bug.cgi?id=1939051
github.com/moodle/moodle
lists.fedoraproject.org/archives/list/[email protected]/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS
lists.fedoraproject.org/archives/list/[email protected]/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT
moodle.org/mod/forum/discuss.php?d=419654
nvd.nist.gov/vuln/detail/CVE-2021-20283
Related
cvelist
cvelist
CVE-2021-20283
2021-03-15 21:36:11
osv
osv
CVE-2021-20283
2021-03-15 22:15:13
BIT-moodle-2021-20283
2024-03-06 11:10:44
ubuntucve
ubuntucve
CVE-2021-20283
2021-03-15 00:00:00
prion
prion
Code injection
2021-03-15 22:15:00
github
github
Missing permission check in Moodle
2022-05-24 17:44:37
veracode
veracode
Insecure Access Control
2021-03-17 04:59:58
cve
cve
CVE-2021-20283
2021-03-15 22:15:13
nvd
nvd
CVE-2021-20283
2021-03-15 22:15:13
fedora
fedora
[SECURITY] Fedora 32 Update: moodle-3.8.8-1.fc32
2021-03-23 01:12:58
[SECURITY] Fedora 33 Update: moodle-3.9.5-1.fc33
2021-03-23 01:34:46
[SECURITY] Fedora 34 Update: moodle-3.10.2-1.fc34
2021-03-19 20:34:49
openvas
openvas
Fedora: Security Advisory for moodle (FEDORA-2021-431b232659)
2021-03-24 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2021-50f63a0161)
2021-03-24 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2021-1c27e89d49)
2021-03-20 00:00:00
nessus
nessus
Fedora 32 : moodle (2021-50f63a0161)
2021-03-23 00:00:00
Fedora 33 : moodle (2021-431b232659)
2021-03-23 00:00:00
Moodle 3.10.x < 3.10.2 Multiple Vulnerabilities
2023-02-20 00:00:00