{"id":"CVE-2024-48899","details":"A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to.","aliases":["BIT-moodle-2024-48899","GHSA-r4xr-m393-778m"],"modified":"2026-03-09T23:54:32.526249Z","published":"2024-11-20T11:15:05.563Z","references":[{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318819"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/moodle/moodle","events":[{"introduced":"ee91c6536f99e1633e2245780c4fe7f47340ed66"},{"fixed":"d7e3bea9fa95ff686b370969cc1bcc3fca0919bf"}],"database_specific":{"versions":[{"introduced":"4.4.0"},{"fixed":"4.4.4"}]}}],"versions":["v4.4.0","v4.4.1","v4.4.2","v4.4.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-48899.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}]}