Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published: 2024-02-12T10:51:44.652Z
Updated: 2024-08-01T18:40:21.074Z
Reserved: 2024-02-12T09:16:49.433Z
Link: CVE-2024-1439
Vulnrichment
Updated: 2024-08-01T18:40:21.074Z
NVD
Status : Awaiting Analysis
Published: 2024-02-12T11:15:08.147
Modified: 2024-02-12T14:19:54.330
Link: CVE-2024-1439
Redhat
No data.