PT-2017-12372 · Moodle · Moodle
Juan Leyva
·
Publicado
2017-09-18
·
Atualizado
2022-05-17
·
CVE-2017-12157
CVSS v3.1
4.3
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Moodle versions 3.x
Description
The issue allows teachers to view details about users in groups they cannot access through various course reports.
Recommendations
For Moodle versions 3.x, update to a version where this issue is resolved, or consider restricting access to sensitive course reports until a patch is available.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Moodle