CVE-2019-14829 Information

Description

A vulnerability was found in Moodle affection 3.7 to 3.7.1 3.6 to 3.6.5 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Reference

https://git.moodle.org/gw?p=moodle.git;a=commit;h=208397c120b6bf74ca6a173e42cb527904c5ab42 https://moodle.org/mod/forum/discuss.php?d=391035

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

4.3