CVE-2011-4589

Name of the Vulnerable Software and Affected Versions Moodle versions 2.0.x through 2.0.5 Moodle versions 2.1.x through 2.1.2

Description The issue concerns the handling of course ID numbers during a restore action. It allows remote authenticated users to overwrite ID numbers due to a lack of privilege checking for the moodle/course:changeidnumber privilege in the backup/moodle2/restore stepslib.php file.

Recommendations For Moodle versions 2.0.x through 2.0.5, update to version 2.0.6 or later. For Moodle versions 2.1.x through 2.1.2, update to version 2.1.3 or later.