CVE-2019-3848 in Moodleالمعلومات

الملخص

بحسب MITRE

A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Permissions were not correctly checked before loading event information into the calendar's edit event modal popup, so logged in non-guest users could view unauthorised calendar events. (Note: It was read-only access, users could not edit the events.)

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

Red Hat, Inc.

حجز

03/01/2019

الاعتدال

تمت الموافقة

إدخال

VDB-132449

CPE

جاهز

CWE

CWE-200 (مؤكد)

CVSS

4.3 (NVD)

EPSS

0.00133

KEV

لا

النشاطات

منخفض جدًا

القطاع

Police, Education

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-3848
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-3848
CVE Details	https://www.cvedetails.com/cve/CVE-2019-3848/

التالي ▸نظرة عامة ◂ السابق

Do you know our Splunk app?

Download it now for free!