Unrated severityNVD Advisory· Published Mar 25, 2013· Updated Apr 29, 2026

CVE-2013-1829

Description

calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role.

Affected products

Moodle/Moodle2 versions
cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

moodle.org/mod/forum/discuss.phpnvdVendor Advisory
openwall.com/lists/oss-security/2013/03/25/2nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000