Description

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions.

Remediation

References

CVE-2021-36400

Related Vulnerabilities

WordPress Plugin Protected Posts Logout Button Security Bypass (1.4.5)

MySQL CVE-2022-21355 Vulnerability (CVE-2022-21355)

WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.9.2)

Ruby Improper Input Validation Vulnerability (CVE-2013-1821)

WordPress Plugin Attach Gallery Posts Cross-Site Scripting (1.6)

Severity

Medium

Classification

CVE-2021-36400 CWE-639 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities