CVE-2024-43428

CVSS v3.1

7.7

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Moodle (affected versions not specified)

Description The issue is related to a cache poisoning risk, which may allow an attacker to gain access to confidential information through caching. Additional validation for local storage was required to address this risk.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Special Elements Injection

Insufficient Verification of Data Authenticity

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-345CWE-524

Related Identifiers

ALT-PU-2024-16385

ALT-PU-2024-16417

BDU:2024-10189

BIT-MOODLE-2024-43428

CVE-2024-43428

GHSA-2R9M-WG35-RFVC

Affected Products

Alt Linux

Moodle

Red Os

CVE-2024-43428

Weakness Enumeration

Related Identifiers

Affected Products

References · 19