vulnerability
Moodle: Incorrect Permission Assignment for Critical Resource (CVE-2020-1754)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | 2022-08-05 | 2022-08-08 | 2025-01-30 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
2022-08-05
Added
2022-08-08
Modified
2025-01-30
Description
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.
Solution(s)
moodle-upgrade-3_5_11moodle-upgrade-3_6_9moodle-upgrade-3_7_5
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.