VYPR
Medium severity4.3NVD Advisory· Published Sep 29, 2022· Updated Jun 17, 2026

CVE-2021-40692

CVE-2021-40692

Description

Insufficient capability checks made it possible for teachers to download users outside of their courses.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
moodle/moodlePackagist
>= 3.11, < 3.11.33.11.3
moodle/moodlePackagist
>= 3.10, < 3.10.73.10.7
moodle/moodlePackagist
>= 3.9, < 3.9.103.9.10

Affected products

3
  • users outside of their courses/users outside of their coursesdescription
  • osv-coords2 versions
    >= 3.9.0, < 3.9.10+ 1 more
    • (no CPE)range: >= 3.9.0, < 3.9.10
    • (no CPE)range: >= 3.11, < 3.11.3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.