CVE-2019-10154

Summary

A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations.

Affected Software

VendorProductVersion RangeStatus
Moodlemoodle3.7affected
Moodlemoodle3.6.4affected

Weaknesses

  • CWE-285: CWE-285

ADP Enrichment

CVE Program Container

Additional References

References