Lucene search
GoogleOSV:GHSA-G39C-MCCF-RXJVHistoryMay 24, 2022 - 7:21 p.m.
Moodle Insecure direct object reference (IDOR) in a calendar web service
2022-05-2419:21:10
Google
osv.dev
15
moodle
idor
insecure direct object reference
calendar
capability checks
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users’ calendar action events.
Related
cvelist
cvelist
CVE-2021-43560
2021-11-22 16:00:22
cnvd
cnvd
nvd
nvd
CVE-2021-43560
2021-11-22 16:15:08
veracode
veracode
Remote Code Execution (RCE)
2021-11-23 07:39:47
github
github
Moodle Insecure direct object reference (IDOR) in a calendar web service
2022-05-24 19:21:10
osv
osv
BIT-moodle-2021-43560
2024-03-06 11:06:24
CVE-2021-43560
2021-11-22 16:15:08
prion
prion
Design/Logic Flaw
2021-11-22 16:15:00
ubuntucve
ubuntucve
CVE-2021-43560
2021-11-22 00:00:00
cve
cve
CVE-2021-43560
2021-11-22 16:15:08
nessus
nessus
Moodle 3.9.x < 3.9.11 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.10.x < 3.10.8 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.11.x < 3.11.4 Multiple Vulnerabilities
2023-02-20 00:00:00
openvas
openvas
Moodle < 3.9.11, 3.10.x < 3.10.8, 3.11.x < 3.11.4 Multiple Vulnerabilities
2021-11-23 00:00:00