Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Incorrect Default Permissions Vulnerability (CVE-2024-43430)

Description

A flaw was found in moodle. External API access to Quiz can override contained insufficient access control.

Remediation

References

Related Vulnerabilities

Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-2450)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3617)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1113)

Jenkins Missing Authorization Vulnerability (CVE-2017-1000400)

Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2026-33169)

Severity

Medium

Classification

CVE-2024-43430 CWE-276 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities