Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Authorization Bypass Through User-Controlled Key Vulnerability - CVE-2023-28334 - Vulnerability Database
Moodle

Moodle Authorization Bypass Through User-Controlled Key Vulnerability - CVE-2023-28334

Medium
Reference: CVE-2023-28334
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-28334
Title: Moodle Authorization Bypass Through User-Controlled Key Vulnerability
Overview:

Authenticated users were able to enumerate other users39 names via the learning plans page.