A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user’s conversations.
Source: NIST
CVE-2019-10154
Security in mind
A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user’s conversations.
Source: NIST
CVE-2019-10154