Description

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment.

Remediation

References

CVE-2019-10189

Related Vulnerabilities

PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15161)

WordPress Plugin AdKlick Advertising Management Unspecified Vulnerability (1.1)

Moodle Resource Management Errors Vulnerability (CVE-2015-2268)

GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3314)

Oracle JRE CVE-2013-2421 Vulnerability (CVE-2013-2421)

Severity

Medium

Classification

CVE-2019-10189 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities