A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report.
Metrics
Affected Vendors & Products
References
History
Thu, 07 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Moodle
Moodle moodle |
|
Weaknesses | CWE-639 | |
CPEs | cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* | |
Vendors & Products |
Moodle
Moodle moodle |
|
Metrics |
ssvc
|
Thu, 07 Nov 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report. | |
Title | Moodle: idor in feedback non-respondents report allows messaging arbitrary site users | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: fedora
Published: 2024-11-07T13:31:20.238Z
Updated: 2024-11-07T16:48:06.773Z
Reserved: 2024-08-13T07:15:00.599Z
Link: CVE-2024-43438
Vulnrichment
Updated: 2024-11-07T14:42:24.630Z
NVD
Status : Awaiting Analysis
Published: 2024-11-07T14:15:16.430
Modified: 2024-11-08T19:01:03.880
Link: CVE-2024-43438
Redhat
No data.