Description
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended restrictions on reading other participants' entries via an advanced search.
Remediation
References
Related Vulnerabilities
WordPress Plugin CopySafe Web Protection Cross-Site Request Forgery (2.5)
WordPress Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-3590)
WordPress Plugin Easy Digital Downloads Attach Accounts to Orders Cross-Site Scripting (2.0.1)
MySQL CVE-2024-21230 Vulnerability (CVE-2024-21230)
XWiki Improper Neutralization of Alternate XSS Syntax Vulnerability (CVE-2023-35158)