Description

A flaw was found in moodle. Some hidden user profile fields are visible in gradebook reports, which could result in users without the "view hidden user fields" capability having access to the information.

Remediation

References

CVE-2024-43429

Related Vulnerabilities

WordPress Plugin Affiliates Manager Cross-Site Request Forgery (2.6.5)

WordPress Plugin Mail Subscribe List Unspecified Vulnerability (2.0.9)

PHP Other Vulnerability (CVE-2015-8835)

WordPress Plugin WordPress Popular Posts TimThumb Arbitrary File Upload (2.1.4)

Joomla! Core 1.5.x Multiple SQL Injection Vulnerabilities (1.5.0 - 1.5.21)

Severity

Medium

Classification

CVE-2024-43429 CWE-312 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities