CVE-2024-48899

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-48899

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-48899.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-48899

Aliases

BIT-moodle-2024-48899
GHSA-r4xr-m393-778m

Related

UBUNTU-CVE-2024-48899

Published

2024-11-20T11:15:05Z

Modified

2025-06-03T16:59:28.662067Z

Summary

[none]

Details

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2318819

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type: GIT
Repo: https://github.com/moodle/moodle
Events: Introduced

ee91c6536f99e1633e2245780c4fe7f47340ed66

Fixed

d7e3bea9fa95ff686b370969cc1bcc3fca0919bf

Affected versions

v4.*

v4.4.0

v4.4.1

v4.4.2

v4.4.3