CVE-2021-43560

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.
References
Link Resource
https://moodle.org/mod/forum/discuss.php?d=429100 Patch Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2021519 Issue Tracking Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*

Information

Published : 2021-11-22 04:15

Updated : 2022-12-21 03:01


NVD link : CVE-2021-43560

Mitre link : CVE-2021-43560

Products Affected
No products.
CWE