Moodle Vulnerability: Additional Access Controls Needed for Course Badges
CVE-2024-48899

Currently unrated

Key Information:

Vendor: Moodle
Status: Moodle
Vendor: CVE Published:; 20 November 2024

What is CVE-2024-48899?

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2318819

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2024