CVE-2024-38273
Published: 18 June 2024
Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access.
Priority
Status
Package | Release | Status |
---|---|---|
moodle
Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(4.4.1, 4.3.5, 4.2.8, 4.1.11)
|
|
xenial |
Needs triage
|
|
Patches:
upstream: https://git.moodle.org/gw?p=moodle.git;a=commit;h=815b884b6c4464d4639adc5b51b1840f46eaca22 |