2024-11-20
Platform: Moodle
Version: All versions before 4.5.0-rc2 (unconfirmed)
Vulnerability: Improper Authorization
Severity: Medium (CVSS v2 score: 5.0, CVSS v3 score: 6.5)
Date: November 18, 2024 (published), November 20, 2024 (last modified)
What Undercode Says:
A vulnerability exists in Moodle that allows users to edit or delete RSS feeds they shouldn’t have access to. This could be exploited to modify or remove important information from RSS feeds.
Moodle administrators should update to version 4.5.0-rc2 or later as soon as possible to address this vulnerability.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help