Description

A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.

Remediation

References

CVE-2024-48898

Related Vulnerabilities

MySQL CVE-2015-4761 Vulnerability (CVE-2015-4761)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0814)

SharePoint CVE-2025-21400 Vulnerability (CVE-2025-21400)

Drupal Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2017-6381)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6818)

Severity

Medium

Classification

CVE-2024-48898 CWE-862 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities