First published: Tue Jul 10 2018(Updated: )
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. It was possible for the core_course_get_categories web service to return hidden categories, which should be omitted when fetching course categories.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Moodle Moodle | >=3.1.0<3.1.13 | |
Moodle Moodle | >=3.3.0<3.3.7 | |
Moodle Moodle | >=3.4.0<3.4.4 | |
Moodle Moodle | >=3.5.0<3.5.1 | |
composer/moodle/moodle | >=3.5<3.5.1 | 3.5.1 |
composer/moodle/moodle | >=3.4<3.4.4 | 3.4.4 |
composer/moodle/moodle | >=3.3<3.3.7 | 3.3.7 |
composer/moodle/moodle | >=3.1<3.1.13 | 3.1.13 |
>=3.1.0<3.1.13 | ||
>=3.3.0<3.3.7 | ||
>=3.4.0<3.4.4 | ||
>=3.5.0<3.5.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.