A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access.
2024-11-07T14:15:15.877
2025-05-01T16:02:42.417
Analyzed
CVSSv3.1: 7.5 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | moodle | moodle | < 4.1.12 | Yes |
Application | moodle | moodle | < 4.2.9 | Yes |
Application | moodle | moodle | < 4.3.6 | Yes |
Application | moodle | moodle | < 4.4.2 | Yes |