vulnerability

Moodle: Missing Authorization (CVE-2019-10187)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:P/A:N)	Jul 31, 2019	Nov 7, 2019	Nov 27, 2024

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:P/A:N)

Published

Jul 31, 2019

Added

Nov 7, 2019

Modified

Nov 27, 2024

Description

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to.

Solutions

moodle-upgrade-3_5_7moodle-upgrade-3_6_5moodle-upgrade-3_7_1

References

CVE-2019-10187
https://attackerkb.com/topics/CVE-2019-10187
URL-http://www.securityfocus.com/bid/109174
URL-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187
URL-https://moodle.org/mod/forum/discuss.php?d=388568#p1566330

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today