CVE-2024-48897
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Nov 18, 2024
Updated: Nov 20, 2024
CWE ID 285
CWE ID 863
Summary
CVE-2024-48897: A vulnerability has been identified in the Moodle learning management system. This issue pertains to insufficient access controls for RSS feeds, allowing unauthorized users to edit or delete feeds they should not be able to modify. The vulnerability could potentially lead to data manipulation or unintended changes to course content. Organizations using Moodle are advised to implement additional checks to ensure user permissions are properly enforced for RSS feed management.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Moodle
Affected Vendors
- Moodle