Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged
(browse all)
created 5 months ago
Moodle: idor in feedback non-respondents report allows messaging arbitrary site users

A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report.

Affected products

moodle
  • <4.2.9
  • <4.1.12
  • <4.3.6
  • <4.4.2

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

  • nixos-unstable -

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

  • nixos-unstable -

Package maintainers