Moodle: Vulnerability Allows Unauthorized Access to Report Schedules - Proactive Insights and Support For Open-Source Applications

In Moodle versions starting from 0 before 4.1.0, from 4.1.0 before 4.1.14, from 4.2.0 before 4.2.11, from 4.3.0 before 4.3.8, and from 4.4.0 before 4.4.4 a medium severity vulnerability CVE-2024-48901 was detected. This vulnerability allows attackers to access and view the schedule of a report in Moodle without having the necessary permissions to edit it. To fix this issue, users should upgrade Moodle to versions 4.5.0-rc2 or higher. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-48901.