CVE-2021-43560

Summary

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.

Affected Software

VendorProductVersion RangeStatus
n/amoodlemoodle 3.11.4, moodle 3.10.8 and moodle 3.9.11affected

Weaknesses

  • CWE-863: CWE-863

ADP Enrichment

CVE Program Container

Additional References

References