Activity Creation Capabilities Bypass in Moodle

Activity Creation Capabilities Bypass in Moodle

CVE-2019-14829 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.

Learn more about our Web Application Penetration Testing UK.