vulnerability
Moodle: Incorrect Permission Assignment for Critical Resource (CVE-2020-1754)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Aug 5, 2022 | Aug 8, 2022 | Feb 15, 2026 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Aug 5, 2022
Added
Aug 8, 2022
Modified
Feb 15, 2026
Description
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.
Solutions
moodle-upgrade-3_5_11moodle-upgrade-3_6_9moodle-upgrade-3_7_5
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.