Description

It was possible for a student to view their quiz grade before it had been released, using a quiz web service. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected

Remediation

References

CVE-2021-32473

Related Vulnerabilities

WordPress 4.4.x Cross-Site Scripting Vulnerability (4.4 - 4.4.2)

Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2119)

WordPress Plugin EWWW Image Optimizer Cross-Site Request Forgery (5.8.1)

MySQL CVE-2019-2644 Vulnerability (CVE-2019-2644)

WordPress Plugin Simple Mail Address Encoder Cross-Site Scripting (1.6.1)

Severity

Medium

Classification

CVE-2021-32473 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities