CVE-2018-10890

Summary

A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. It was possible for the core_course_get_categories web service to return hidden categories, which should be omitted when fetching course categories.

Affected Software

VendorProductVersion RangeStatus
[UNKNOWN]moodlemoodle 3.5.1affected
[UNKNOWN]moodlemoodle 3.4.4affected
[UNKNOWN]moodlemoodle 3.3.7affected
[UNKNOWN]moodlemoodle 3.1.13affected

Weaknesses

  • CWE-200: CWE-200

ADP Enrichment

CVE Program Container

Additional References

References