MEDIUM🇬🇧 English

CVE-2019-14829

CVSS 4.3v3.1pub. 2021-03-19upd. 2024-11-21

A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • Moodle

    APP
    Moodle
    3.5.0 – 3.5.73.6.0 – 3.6.53.7.0 – 3.7.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-33999CRITICAL9.8PL ✓ten sam produkt

Moodle MFA — niewystarczająca sanityzacja URL referrer

CVE-2023-28333CRITICAL9.8ten sam produkt

The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This ...

CVE-2021-36392CRITICAL9.8ten sam produkt

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.

CVE-2021-36393CRITICAL9.8ten sam produkt

In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.

CVE-2021-36394CRITICAL9.8ten sam produkt

In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.

CVE-2019-14829 — MEDIUM 4.3 | CVEbaza.pl