2024-11-19
A security vulnerability has been identified in Moodle, allowing users with certain privileges to delete audiences from reports they are not authorized to access. This issue is classified as moderate severity.
Vulnerability Details
Platform: Moodle
Version:
< 4.1.14
>= 4.2.0, < 4.2.11
>= 4.3.0, < 4.3.8
>= 4.4.0, < 4.4.4
Vulnerability: Unauthorized deletion of report audiences
Severity: Moderate
Date: November 18, 2024
What Undercode Says:
This Moodle vulnerability, CVE-2024-46984, poses a moderate security risk. It allows malicious actors to potentially compromise sensitive data by removing authorized users from specific reports.
To mitigate this risk, it is strongly recommended to update Moodle to the latest patched versions:
4.1.14
4.2.11
4.3.8
4.4.4
Regular security updates and vigilant monitoring of system logs are essential to protect against potential exploitation of this vulnerability.
References:
Reported By: Github.com
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help