Lucene search
Veracode Vulnerability DatabaseVERACODE:33068HistoryNov 23, 2021 - 7:39 a.m.
Remote Code Execution (RCE)
2021-11-2307:39:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
remote code execution
insecure object reference
calendar fetch
EPSS
0.001
Percentile
39.2%
moodle/moodle is vulnerable to remote code execution. The vulnerability exists due to an insecure direct object reference, allowing an attacker to fetch other users’ calendar action events.
Related
cvelist
cvelist
CVE-2021-43560
2021-11-22 16:00:22
cnvd
cnvd
nvd
nvd
CVE-2021-43560
2021-11-22 16:15:08
github
github
Moodle Insecure direct object reference (IDOR) in a calendar web service
2022-05-24 19:21:10
osv
osv
BIT-moodle-2021-43560
2024-03-06 11:06:24
Moodle Insecure direct object reference (IDOR) in a calendar web service
2022-05-24 19:21:10
CVE-2021-43560
2021-11-22 16:15:08
prion
prion
Design/Logic Flaw
2021-11-22 16:15:00
ubuntucve
ubuntucve
CVE-2021-43560
2021-11-22 00:00:00
cve
cve
CVE-2021-43560
2021-11-22 16:15:08
nessus
nessus
Moodle 3.9.x < 3.9.11 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.11.x < 3.11.4 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.10.x < 3.10.8 Multiple Vulnerabilities
2023-02-20 00:00:00
openvas
openvas
Moodle < 3.9.11, 3.10.x < 3.10.8, 3.11.x < 3.11.4 Multiple Vulnerabilities
2021-11-23 00:00:00