2024-11-20
A security vulnerability, specifically an Insecure Direct Object Reference (IDOR), has been identified in Moodle. Under specific circumstances, it could allow an attacker to delete OAuth2-linked accounts that they do not own. Moodle has released patched versions to address this issue.
Vulnerability Details:
Platform: Moodle
Version:
< 4.1.13
>= 4.2.0-beta, < 4.2.10
>= 4.3.0-beta, < 4.3.7
>= 4.4.0-beta, < 4.4.3
Vulnerability: Insecure Direct Object Reference (IDOR)
Severity: Moderate
Date: November 20, 2024
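A check of an installed release string against the ranges listed above, as an added example that is not part of the advisory or Moodle's own code. The pre-release ordering (dev, alpha, beta, rc before the final release) and the treatment of "+" weekly builds as their base release are assumptions, and the sample versions are constructed.

```python
import re

# Affected ranges from the advisory: (lower bound or None, first fixed release).
AFFECTED = [
    (None, "4.1.13"),
    ("4.2.0-beta", "4.2.10"),
    ("4.3.0-beta", "4.3.7"),
    ("4.4.0-beta", "4.4.3"),
]

# Assumed pre-release ordering: dev < alpha < beta < rc < final release.
STAGES = {"dev": 0, "alpha": 1, "beta": 2, "rc": 3, None: 4}

VERSION_RE = re.compile(
    r"\s*(\d+)\.(\d+)(?:\.(\d+))?(?:\s*-?\s*(dev|alpha|beta|rc)\s*(\d*))?"
)


def parse(version):
    """Turn '4.3.0-beta', '4.4.0-rc1' or '4.2.9+ (Build: ...)' into a sortable tuple."""
    m = VERSION_RE.match(version.lower())
    if not m:
        raise ValueError(f"unrecognised Moodle version: {version!r}")
    major, minor, patch, stage, stage_no = m.groups()
    # A trailing '+' (weekly build) is ignored: the build is treated as its base
    # release, which is the conservative reading of the advisory's ranges.
    return (int(major), int(minor), int(patch or 0), STAGES[stage], int(stage_no or 0))


def fixed_release_for(version):
    """Return the first fixed release if `version` is in an affected range, else None."""
    v = parse(version)
    for low, fixed in AFFECTED:
        if (low is None or v >= parse(low)) and v < parse(fixed):
            return fixed
    return None


if __name__ == "__main__":
    # Constructed sample inventory, not taken from the advisory.
    for site_version in ["4.1.12", "4.2.9+ (Build: 20240101)", "4.3.7", "4.4.0-rc1"]:
        fixed = fixed_release_for(site_version)
        print(site_version, "->", f"affected, upgrade to {fixed} or later" if fixed else "not affected")
```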
What Undercode Says:
This vulnerability highlights the importance of proper input validation and authorization checks in web applications. An IDOR vulnerability can expose sensitive data or allow unauthorized actions if not addressed. It’s crucial for Moodle users to update to the latest patched versions to mitigate this risk.
Given the moderate severity of this vulnerability,
References:
Reported By: Github.com