4.3
CVE-2023-5542
- EPSS 0.27%
- Veröffentlicht 09.11.2023 20:15:09
- Zuletzt bearbeitet 21.11.2024 08:41:58
- Quelle patrick@puiterwijk.org
- CVE-Watchlists
- Unerledigt
LoginMoodle: students can view other users in "only see own membership" groups
Students in "Only see own membership" groups could see other students in the group, which should be hidden.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fedoraproject ≫ Extra Packages For Enterprise Linux Version7.0
Fedoraproject ≫ Fedora Version38
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.501 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| patrick@puiterwijk.org | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.