Description

A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.

Remediation

References

CVE-2024-48898

Related Vulnerabilities

WordPress Plugin Soundy Background Music Cross-Site Scripting (3.9)

WordPress Plugin Quartz SQL Injection (1.01.1)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4629)

PHP Other Vulnerability (CVE-2002-0081)

Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-32976)

Severity

Medium

Classification

CVE-2024-48898 CWE-862 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities