Description

A vulnerability was found in moodle before version 3.6.3. The get_with_capability_join and get_users_by_capability functions were not taking context freezing into account when checking user capabilities

Remediation

References

CVE-2019-3852

Related Vulnerabilities

WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure (2.8)

MySQL CVE-2020-2752 Vulnerability (CVE-2020-2752)

WordPress Plugin Integration for Contact Form 7 and Constant Contact Cross-Site Scripting (1.0.8)

Oracle Application Server CVE-2006-0282 Vulnerability (CVE-2006-0282)

Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.25)

Severity

Medium

Classification

CVE-2019-3852 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities