CVE-2024-48898

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 18, 2024
Updated: Nov 20, 2024
CWE ID 862

Summary

CVE-2024-48898 is a newly discovered vulnerability affecting the Moodle learning management system. This issue grants users with the ability to delete audiences from reports the unexpected capability to delete audiences from other reports they don't have the required permissions for. This discrepancy in access control could potentially lead to unintended data modification, posing a risk to the security and integrity of Moodle installations. It is crucial for system administrators to apply the necessary patch as soon as possible to mitigate this vulnerability and prevent unauthorized data deletions.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share