Bug 2309941 (CVE-2024-45689) - moodle: Unprotected access to sensitive information via dynamic tables Key Information: Bug ID: 2309941 CVE ID: CVE-2024-45689 Title: moodle: Unprotected access to sensitive information via dynamic tables Reported: 2024-09-04 22:14 UTC by OSIDB Bzimport Modified: 2024-11-18 13:26 UTC Status: NEW Severity: high Product: Security Response Component: vulnerability Version: unspecified Hardware: All OS: Linux Priority: high Target Milestone: --- Assignee: Product Security DevOps Team Doc Type: If docs needed, set a value Doc Text: A flaw was found in Moodle. Dynamic tables did not enforce capability checks, which resulted in users having the ability to retrieve information they did not have permission to access. Environment: Last Closed: