vulnerability

Moodle: Missing Authorization (CVE-2024-45689)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:C/I:N/A:N)	Nov 20, 2024	Jun 4, 2025	Jul 28, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:N/A:N)

Published

Nov 20, 2024

Added

Jun 4, 2025

Modified

Jul 28, 2025

Description

A flaw was found in Moodle. Dynamic tables did not enforce capability checks, which resulted in users having the ability to retrieve information they did not have permission to access.

Solutions

moodle-upgrade-4_1_13moodle-upgrade-4_2_10moodle-upgrade-4_3_7moodle-upgrade-4_4_3

References

CVE-2024-45689
https://attackerkb.com/topics/CVE-2024-45689
URL-https://bugzilla.redhat.com/show_bug.cgi?id=2309941

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today