Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Incorrect Permission Assignment for Critical Resource Vulnerability - CVE-2020-1754 - Vulnerability Database
Moodle

Moodle Incorrect Permission Assignment for Critical Resource Vulnerability - CVE-2020-1754

Medium
Reference: CVE-2020-1754
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-1754
Title: Moodle Incorrect Permission Assignment for Critical Resource Vulnerability
Overview:

In Moodle before 3.8.2 3.7.5 3.6.9 and 3.5.11 users viewing the grade history report without the 39access all groups39 capability were not restricted to viewing grades of users within their own groups.