In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.
References
Link | Resource |
---|---|
https://moodle.org/mod/forum/discuss.php?d=398350 | Issue Tracking Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Aug 2022, 03:10
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
CWE | CWE-732 | |
References | (MISC) https://moodle.org/mod/forum/discuss.php?d=398350 - Issue Tracking, Patch, Vendor Advisory | |
First Time |
Moodle
Moodle moodle |
|
CPE | cpe:2.3:a:moodle:moodle:3.8.0:*:*:*:*:*:*:* cpe:2.3:a:moodle:moodle:3.8.1:*:*:*:*:*:*:* cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* |
05 Aug 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-05 16:15
Updated : 2023-12-10 14:35
NVD link : CVE-2020-1754
Mitre link : CVE-2020-1754
CVE.ORG link : CVE-2020-1754
JSON object : View
Products Affected
moodle
- moodle