CVE-2019-10189 MEDIUM

CVE-2019-10189

Vendor The Moodle Project
Product moodle
Weakness CWE-284
Published July 31, 2019
Last update August 4, 2024

CVSS base score

4.0/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment.

Key dates

02Disclosure timeline

July 31, 2019 CVE published
August 4, 2024 Record updated