CVE-2022-0334

Summary

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability.

Affected Software

VendorProductVersion RangeStatus
n/amoodlemoodle 3.11.5, moodle 3.10.9 and moodle 3.9.12affected

Weaknesses

  • CWE-863: CWE-863

ADP Enrichment

CVE Program Container

Additional References

References