CVE-2016-5014

CVE-2016-5014

EPSS 1.0%

In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://moodle.org/mod/forum/discuss.php?d=336699 http://www.securityfocus.com/bid/92042