Boletines de Vulnerabilidades

MSA-18-0011: User who did not agree to the site policies can see the site homepage as if they had full site access

Información sobre el sistema
   
Software afectado PHP

Descripción
di Marina Glancy. Site policies agreement is not checked for logged in users who browse front page and activities on itSeverity/Risk:MinorVersions affected:3.4 to 3.4.2, 3.3 to 3.3.5, 3.2 to 3.2.8, 3.1 to 3.1.11 and earlier unsupported versionsVersions fixed:3.5, 3.4.3, 3.3.6, 3.2.9 and 3.1.12Reported by:Marina GlancyChanges (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-61996Tracker issue:MDL-61996 User who did not agree to the site policies can

More info:

https://moodle.org/mod/forum/discuss.php?d=371203&parent=1496357

Identificadores estándar
Propiedad Valor
CVE

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2018-11-16

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT