Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2021-20281

UNKNOWN
Published 2021-03-15T21:35:50
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-20281. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed MODERATE

Moodle allowed some users without permission to view other users' full names

GHSA-93wh-35r4-6qmw

Advisory Details

It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.

Affected Packages

Packagist moodle/moodle
ECOSYSTEM: ≥3.10.0 <3.10.2
Packagist moodle/moodle
ECOSYSTEM: ≥3.9.0 <3.9.5
Packagist moodle/moodle
ECOSYSTEM: ≥3.8.0 <3.8.8
Packagist moodle/moodle
ECOSYSTEM: ≥3.5 <3.5.17

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-20281
WEB https://github.com/moodle/moodle/commit/33d6017287e1835513a3de8edd3fbf7a6a90af9c
WEB https://bugzilla.redhat.com/show_bug.cgi?id=1939041
PACKAGE https://github.com/moodle/moodle
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT
WEB https://moodle.org/mod/forum/discuss.php?d=419652

Advisory provided by GitHub Security Advisory Database. Published: March 29, 2021, Modified: August 11, 2022

References

https://bugzilla.redhat.com/show_bug.cgi?id=1939041
https://moodle.org/mod/forum/discuss.php?d=419652
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT/
Published: 2021-03-15T21:35:50
Last Modified: 2024-08-03T17:37:23.634Z
Copied to clipboard!