Vulnerabilities > CVE-2019-3852 - Unspecified vulnerability in Moodle

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
moodle
NVD
Published: 2019-03-26
Updated: 2020-08-24

Summary

A vulnerability was found in moodle before version 3.6.3. The get_with_capability_join and get_users_by_capability functions were not taking context freezing into account when checking user capabilities

Vulnerable Configurations

Part Description Count
Application
Moodle
293

References