CVE-2021-43560
N/A
N/A
Summary
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | moodle | moodle 3.11.4, moodle 3.10.8 and moodle 3.9.11 | affected |
Weaknesses
- CWE-863: CWE-863
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=2021519
- https://moodle.org/mod/forum/discuss.php?d=429100
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2021519
- https://moodle.org/mod/forum/discuss.php?d=429100
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.