MSA-19-0019: Course creation did not check the creators role assignment capability before automatically assigning them as a teacher in the course
|
System information
|
| |
|
|
Affected software |
PHP |
Description
|
by Michael Hawkins. Users with the capability to create courses were assigned as a teacher in those courses, regardless of whether they had the capability to be automatically assigned that role.Severity/Risk:MinorVersions affected:3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versionsVersions fixed:3.7.2, 3.6.6 and 3.5.8Reported by:Andrew NicolsCVE identifier:CVE-2019-14828Changes
More info:
https://moodle.org/mod/forum/discuss.php?d=391031&parent=1576205 |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2019-14828. |
