MEDIUM🇵🇱 Wersja polska

CVE-2019-14829

CVSS 4.3v3.1pub. 2021-03-19upd. 2024-11-21

A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • Moodle

    APP
    Moodle
    3.5.0 – 3.5.73.6.0 – 3.6.53.7.0 – 3.7.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-33999CRITICAL9.8PL ✓ten sam produkt

Moodle MFA — niewystarczająca sanityzacja URL referrer

CVE-2023-28333CRITICAL9.8ten sam produkt

The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This ...

CVE-2021-36392CRITICAL9.8ten sam produkt

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.

CVE-2021-36393CRITICAL9.8ten sam produkt

In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.

CVE-2021-36394CRITICAL9.8ten sam produkt

In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.