What the vulnerability does
01Description
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to.
CVSS base score
4.0/10
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Key dates
02Disclosure timeline
July 31, 2019
CVE published
August 4, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-13568 SourceCodester Inventory Management System User Registration Endpoint users_handler.php access control
CVE-2025-0740 Improper Access Control vulnerability in EmbedAI
CVE-2023-21751 Azure DevOps Server Spoofing Vulnerability
CVE-2023-0998 SourceCodester Alphaware Simple E-Commerce System Payment summary.php access control
CVE-2021-25431
