Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle CVE-2021-36397 Vulnerability (CVE-2021-36397)

Description

In Moodle, insufficient capability checks meant message deletions were not limited to the current user.

Remediation

References

Related Vulnerabilities

Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-3938)

WordPress Plugin Platinum SEO Pack Cross-Site Scripting (1.3.7)

WordPress Plugin Stars Menu Cross-Site Scripting (1.0.1)

WordPress Plugin File Manager Cross-Site Request Forgery (7.2.4)

MongoDb Missing Authorization Vulnerability (CVE-2024-6375)

Severity

Medium

Classification

CVE-2021-36397 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities