vulnerability

Moodle: Incorrect Authorization (CVE-2022-0985)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:P/A:N)	Apr 29, 2022	May 13, 2022	Jul 24, 2023

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:P/A:N)

Published

Apr 29, 2022

Added

May 13, 2022

Modified

Jul 24, 2023

Description

Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability.

Solutions

moodle-upgrade-3_10_10moodle-upgrade-3_11_6moodle-upgrade-3_9_13

References

CVE-2022-0985
https://attackerkb.com/topics/CVE-2022-0985
URL-https://bugzilla.redhat.com/show_bug.cgi?id=2064117

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today