First published: Fri Jan 21 2022(Updated: )
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability.
Credit: patrick@puiterwijk.org
Affected Software | Affected Version | How to fix |
---|---|---|
Moodle Moodle | <=3.8.9 | |
Moodle Moodle | >=3.9.0<=3.9.11 | |
Moodle Moodle | >=3.10.0<3.10.9 | |
Moodle Moodle | >=3.11.0<3.11.5 | |
redhat/moodle | <3.11.5 | 3.11.5 |
redhat/moodle 3.10.9 and moodle | <3.9.12 | 3.9.12 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.