CVE-2024-43438

{"id": "CVE-2024-43438", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-11-07T14:15:16.430", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304267", "source": "patrick@puiterwijk.org"}, {"url": "https://moodle.org/mod/forum/discuss.php?d=461208", "source": "patrick@puiterwijk.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-639"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en Feedback. Los mensajes masivos en el informe de no participantes de la actividad no verificaban los destinatarios de los mensajes que pertenec\u00edan al conjunto de usuarios que devolv\u00eda el informe."}], "lastModified": "2024-11-08T19:01:03.880", "sourceIdentifier": "patrick@puiterwijk.org"}