vulnerability
Moodle: Unspecified Security Vulnerability (CVE-2024-25980)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Feb 19, 2024 | Jan 27, 2025 | Jan 28, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Feb 19, 2024
Added
Jan 27, 2025
Modified
Jan 28, 2025
Description
Separate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups. By default this only provided additional access to non-editing teachers.
Solution(s)
moodle-upgrade-4_1_9moodle-upgrade-4_2_6moodle-upgrade-4_3_3
References
- CVE-2024-25980
- https://attackerkb.com/topics/CVE-2024-25980
- URL-http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80501
- URL-https://bugzilla.redhat.com/show_bug.cgi?id=2264096
- URL-https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/
- URL-https://moodle.org/mod/forum/discuss.php?d=455636
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.