Security Advisory

CVE-2019-3847

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-03-27 00:00:00

Last updated 2024-08-04 19:19:18

Assigner redhat

State PUBLISHED

Description

A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Users with the "login as other users" capability (such as administrators/managers) can access other users Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf.

← Browse all CVEs View on cve.org ↗