BIT-moodle-2024-48896

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2024-48896.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-moodle-2024-48896
Aliases
Published
2024-11-21T07:13:38.787Z
Modified
2024-11-21T07:56:53.627021Z
Summary
[none]
Details

A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site.

Database specific
{
    "cpes": [
        "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}
References

Affected packages

Bitnami / moodle

Package

Name
moodle
Purl
pkg:bitnami/moodle

Severity

  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.1.14
Introduced
4.2.0
Fixed
4.2.11
Introduced
4.3.0
Fixed
4.3.8
Introduced
4.4.0
Fixed
4.4.4