CVE-2022-0333

Summary

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events.

Affected Software

VendorProductVersion RangeStatus
n/amoodlemoodle 3.11.5, moodle 3.10.9 and moodle 3.9.12affected

Weaknesses

  • CWE-863: CWE-863

ADP Enrichment

CVE Program Container

Additional References

References