vulnerability
Moodle: Incorrect Permission Assignment for Critical Resource (CVE-2020-1754)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | 08/05/2022 | 08/08/2022 | 01/30/2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
08/05/2022
Added
08/08/2022
Modified
01/30/2025
Description
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.
Solution(s)
moodle-upgrade-3_5_11moodle-upgrade-3_6_9moodle-upgrade-3_7_5
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.