Description

A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary.

Remediation

References

CVE-2024-43435

Related Vulnerabilities

WordPress Plugin NEX-Forms-Ultimate Form builder Multiple SQL Injection Vulnerabilities (4.0)

WordPress Plugin Disable Image Right Click Cross-Site Scripting (1.0)

Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42114)

SharePoint CVE-2020-1505 Vulnerability (CVE-2020-1505)

WordPress Plugin WP-FB-AutoConnect Multiple Cross-Site Request Forgery Vulnerabilities (4.0.5)

Severity

Medium

Classification

CVE-2024-43435 CWE-754 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities