Boletines de Vulnerabilidades

MSA-22-0011: Description field hidden by user policies (hiddenuserfields) is still visible


Información sobre el sistema

   
Software afectado PHP

Descripción

by Michael Hawkins. The description user field was not hidden when being set as a hidden user field.Severity/Risk:MinorVersions affected:4.0, 3.11 to 3.11.6, 3.10 to 3.10.10, 3.9 to 3.9.13 and earlier unsupported versionsVersions fixed:4.0.1, 3.11.7, 3.10.11 and 3.9.14Reported by:Bo FoghtCVE identifier:CVE-2022-30597Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74318Tracker issue:MDL-74318 Description field hidden by user policies

More info:

https://moodle.org/mod/forum/discuss.php?d=434579&parent=1748723

Identificadores estándar

Propiedad Valor
CVE CVE-2022-30597.

Histórico de versiones

Versión Comentario Fecha
1.0 Advisory issued 2022-05-18

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT