CVE-2024-43431 | THREATINT

Description

A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access.

PUBLISHED Reserved 2024-08-13 | Published 2024-11-07 | Updated 2024-11-07 | Assigner fedora

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Default status

unaffected

Any version before 4.1.12

affected

4.2 (semver) before 4.2.9

affected

4.3 (semver) before 4.3.6

affected

4.4 (semver) before 4.4.2

affected

2024-08-12:	Reported to Red Hat.
2024-08-19:	Made public.

Download JSON