Description

A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.

Remediation

References

CVE-2019-14829

Related Vulnerabilities

WordPress Plugin Chatbot with IBM Watson Cross-Site Scripting (0.8.20)

XOOPS Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-0613)

Cherokee Out-of-bounds Write Vulnerability (CVE-2019-20800)

WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Security Bypass (2.3.5)

Liferay Portal Other Vulnerability (CVE-2024-26270)

Severity

Medium

Classification

CVE-2019-14829 CWE-573 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities