What the vulnerability does

01Description

It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meant students were able to view other students grades.

Key dates

02Disclosure timeline

January 28, 2021 CVE published
August 3, 2024 Record updated