WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Improper Following of Specification by Caller Vulnerability (CVE-2019-14829)

Description

A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.

Remediation

References

Related Vulnerabilities

WordPress Plugin Process Steps Template Designer Cross-Site Request Forgery (1.2.1)

MySQL CVE-2021-2056 Vulnerability (CVE-2021-2056)

CubeCart Improper Access Control Vulnerability (CVE-2015-6928)

WordPress Plugin Entries For WPForms SQL Injection (1.4.0)

WordPress Plugin WP Social Invitations Cross-Site Scripting (1.4.4.2)

Severity

Medium

Classification

CVE-2019-14829 CWE-573 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities