CVE-2022-0984

State: PUBLISHED · Published: 2022-04-29 · Updated: 2024-08-02 · Assigner: redhat

Description

Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges.

CWE

CWE-863 — CWE-863

Affected

n/a / moodle — v=moodle 3.11.6, moodle 3.10.10, moodle 3.9.13 [affected]

CVSS

(none)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2064118 x_refsource_MISC

Source

cvelistV5-main/cves/2022/0xxx/CVE-2022-0984.json