CVE-2019-3847 in Moodle정보

요약

\~에 의해 MITRE

A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2019. 01. 03.

모더레이션

수락

항목

VDB-132549

CPE

준비됨

CWE

CWE-20 (확인됨)

CVSS

7.2 (NVD)

EPSS

0.00867

KEV

아니요

활동

매우 낮음

부문

Education, Police

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-3847
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-3847
CVE Details	https://www.cvedetails.com/cve/CVE-2019-3847/

◂ 이전 개요 다음 ▸

Might our Artificial Intelligence support you?

Check our Alexa App!