CVE-2024-48898

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-48898
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-48898.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-48898
Aliases
Related
Published
2024-11-18T12:15:18Z
Modified
2025-02-14T11:56:38.077982Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type
GIT
Repo
https://github.com/moodle/moodle
Events
Introduced
ae4efa96ee8169a848c141ad21690165ea791552
Last affected
823f673b731637b6cc80fdb29ebd82d52a32b955
Last affected
d56aa41e9e88d27657baaf4834878f43458e292d
Introduced
ee91c6536f99e1633e2245780c4fe7f47340ed66
Last affected
d7e3bea9fa95ff686b370969cc1bcc3fca0919bf
Introduced
fe7aff8093240cc373f1ddaa66ecb91c4bc0a09f
Last affected
db959720edaa544188ccad8bf4b2b79db383b876

Affected versions

v4.*

v4.2.0
v4.2.1
v4.2.10
v4.2.11
v4.2.2
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.2.7
v4.2.8
v4.2.9
v4.3.0
v4.3.0-beta
v4.3.0-rc1
v4.3.0-rc2
v4.3.1
v4.3.2
v4.3.3
v4.3.4
v4.3.5
v4.3.6
v4.3.7
v4.3.8
v4.4.0
v4.4.0-beta
v4.4.0-rc1
v4.4.0-rc2
v4.4.1
v4.4.2
v4.4.3
v4.4.4