CVE-2024-48898
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2024-48898 is a newly discovered vulnerability affecting the Moodle learning management system. This issue grants users with the ability to delete audiences from reports the unexpected capability to delete audiences from other reports they don't have the required permissions for. This discrepancy in access control could potentially lead to unintended data modification, posing a risk to the security and integrity of Moodle installations. It is crucial for system administrators to apply the necessary patch as soon as possible to mitigate this vulnerability and prevent unauthorized data deletions.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Moodle
Affected Vendors
- Moodle