GHSA-q99x-mjmh-v8w7

GitHub Security Advisory

Moodle's user/power level management inconsistent with suspended users

✓ GitHub Reviewed LOW Has CVE

A flaw was found in moodle. Matrix room membership and power levels are incorrectly applied and revoked for suspended Moodle users.

Packagist moodle/moodle

Affected versions: 4.4.0 (fixed in 4.4.2)

Packagist moodle/moodle

Affected versions: 4.3.0 (fixed in 4.3.6)

CVE-2024-43433

GHSA ID

GHSA-q99x-mjmh-v8w7

Published

November 11, 2024 3:31 PM

Last Modified

November 12, 2024 9:26 PM

CVSS Score

2.5 /10

Primary Ecosystem

Packagist

Primary Package

moodle/moodle

GitHub Reviewed

✓ Yes

Last updated: September 12, 2025 6:34 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.