CVE-2016-0724

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-0724

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0724.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-0724

Aliases

GHSA-hjrj-7wcj-7j3c

Related

UBUNTU-CVE-2016-0724

Published

2016-02-22T05:59:21Z

Modified

2024-09-03T00:56:43.114460Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

The (1) coreenrolgetcourseenrolmentmethods and (2) enrolselfgetinstance_info web services in Moodle through 2.6.11, 2.7.x before 2.7.12, 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 do not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to obtain sensitive information via a web-service request.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type: GIT
Repo: https://github.com/moodle/moodle
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

12e29080e14d82441e10bcd91a6067508e5c4dfa

Last affected

1f2979d0e51c2d2a8dc535b9c84b7364016fe8d4

Last affected

21db825b19e84bb24c0661b551a5069970e143c4

Last affected

296b602f2cd751cac5de6bda553db381432da704

Last affected

31059fd6534655d0eb55a5a455f7b885ec53e0e2

Last affected

3a325f777f9d43fda5c1dfb1287a8bf6d8e61938

Last affected

6114fab93b414fcfa107d5a8fa2b35bc99d3464e

Last affected

62e799ac84232c065790c8cab0f841e43ae038e0

Last affected

68b1fd2c5500284e0afe8fda78b2e9551eb697a6

Last affected

6926971a0f203a4f5d3bed9f20ad43451f33690c

Last affected

803ddf9af38c632eb58d1c7ea4b2611e873e6325

Last affected

8533cba2ae9d000a5e98742d9d66f07d934754aa

Last affected

8b3d19c2f52bcfc6b5df4cdd376948d4fac975fa

Last affected

ae1854f55c265e2e0966de4b81636c31c641b029

Last affected

b7d2ed3004ba4f165aba55e1a235f02d55f76624

Last affected

be3e6f62029e26a125871d4b6bf42156cb7e512c

Last affected

c1ed2546431985262aefc4a39f9dec43e12426d3

Last affected

c948f378b9d7a819d2d430894fa9840cfe9b5590

Last affected

cbd90c01c120a199ca53b5965785c55f88834cdc

Last affected

dc7b914677dcdded287671ca9eb92e0e95e9f2a0

Last affected

e494078a27ae8fd2f91c908d12911adb3c32e6ee

Last affected

f25f4caffdece4aabb65b3fb2b2864f4318602ec

Last affected

f2c730fecfcc9850ea39cf53186f8b3f0a114ae1

Last affected

f4dc567e79e871b7e0aab64dd39706ac112094ac

Last affected

fa54db9c03de0fca90d717aed5e05814470983ca

Last affected

fad0937a8211e761f6f71d9c585bc4390bc1f0b3

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.0.9

v1.1.0

v1.1.1

v1.2.0

v1.2.1

v1.3.0

v2.*

v2.0.0

v2.0.0-rc1

v2.0.0-rc2

v2.0.1

v2.0.2

v2.1.0

v2.2.0

v2.2.0-beta

v2.2.0-rc1

v2.3.0

v2.3.0-beta

v2.3.0-rc1

v2.4.0

v2.4.0-beta

v2.4.0-rc1

v2.5.0

v2.5.0-beta

v2.5.0-rc1

v2.6.0

v2.6.0-beta

v2.6.0-rc1

v2.7.0

v2.7.0-beta

v2.7.0-rc1

v2.7.0-rc2

v2.7.1

v2.7.2

v2.7.3

v2.7.4

v2.7.5

v2.7.6

v2.7.7

v2.7.8

v2.8.0

v2.8.0-beta

v2.8.0-rc1

v2.8.0-rc2

v2.8.1

v2.8.2

v2.8.3

v2.8.4

v2.8.5

v2.8.6

v2.8.7