Security Advisory

CVE-2019-3848

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-03-26 00:00:00

Last updated 2024-08-04 19:19:18

Assigner redhat

State PUBLISHED

Description

A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Permissions were not correctly checked before loading event information into the calendars edit event modal popup, so logged in non-guest users could view unauthorised calendar events. (Note: It was read-only access, users could not edit the events.)

← Browse all CVEs View on cve.org ↗