2024-11-19
Moodle has a vulnerability that allows unauthorized access to report schedules. This issue is classified as moderate severity.
Form:
Platform: Moodle
Version: < 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4 Vulnerability: IDOR (Insecure Direct Object Reference) Severity: Moderate Date: November 18, 2024
What Undercode Says:
Moodle, a popular open-source learning management system, has been found to be vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability. This issue, tracked as CVE-2024-46993, allows unauthorized access to report schedules.
While classified as moderate severity, this vulnerability could potentially be exploited by malicious actors to gain unauthorized access to sensitive information. It’s crucial for Moodle users to update their installations to the latest patched versions: 4.1.14, 4.2.11, 4.3.8, or 4.4.4 to mitigate this risk.
We recommend that all Moodle administrators prioritize updating their systems to the latest version and stay informed about security advisories to ensure the security of their learning platforms.
https://t.me/UndercodeCommunity
References:
Reported By: Github.com
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help