Description

A flaw was found in moodle. Some hidden user profile fields are visible in gradebook reports, which could result in users without the "view hidden user fields" capability having access to the information.

Remediation

References

CVE-2024-43429

Related Vulnerabilities

Joomla CVE-2021-23127 Vulnerability (CVE-2021-23127)

WordPress Plugin NextGEN Gallery Sell Photo Cross-Site Scripting (1.0.4)

MySQL CVE-2021-2213 Vulnerability (CVE-2021-2213)

WordPress Plugin WP Photo Album 'id' Parameter Cross-Site Scripting (1.5.1)

WordPress Plugin MAZ Loader-Preloader Builder for WordPress Cross-Site Request Forgery (1.4.0)

Severity

Medium

Classification

CVE-2024-43429 CWE-312 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities