CVE-2024-48898

CVE-2024-48898: Moodle: some users can delete audiences of other reports

Weakness CWE-862 · Missing authorization
Published November 18, 2024
Last update November 18, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.

Key dates

02Disclosure timeline

November 18, 2024 CVE published