Description

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it.

Remediation

References

CVE-2022-30598

Related Vulnerabilities

Drupal Core 4.6.x Mail Header Injection (4.6.0 - 4.6.5)

PHP hangs on parsing particular strings as floating point number

WordPress Plugin Two Way CHAT-Send or receive messages to your user Multiple Vulnerabilities (3.1.4)

WordPress Plugin Better Click To Tweet Unspecified Vulnerability (5.1)

ClipBucket Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-7664)

Severity

Medium

Classification

CVE-2022-30598 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities