CVE-2021-20283 - CERT CVE
ID CVE-2021-20283
Sažetak The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
Reference
CVSS
Base: 4.0
Impact: 2.9
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL NONE NONE
CVSS vektor AV:N/AC:L/Au:S/C:P/I:N/A:N
Zadnje važnije ažuriranje 07-11-2023 - 03:29
Objavljeno 15-03-2021 - 22:15