CVE-2024-48899

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 20, 2024

Updated: Nov 21, 2024

CWE ID 284

Summary

CVE-2024-48899 is a newly discovered vulnerability affecting the Moodle learning management system. This issue allows unintended users to access the list of course badges for courses they should not have access to. The vulnerability arises due to insufficient access controls in place, potentially leading to privacy concerns and unauthorized access. Moodle users are strongly advised to implement additional checks to mitigate this risk, ensuring that only authorized individuals can view course badge lists.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/zVtWAD
https://www.cve.org/CVERecord?id=CVE-2024-48899
https://nvd.nist.gov/vuln/detail/CVE-2024-48899

Back to Vulnerability Database

CVE-2024-48899

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations