CVE-2011-4590

Name of the Vulnerable Software and Affected Versions Moodle versions 2.0.x through 2.0.5 Moodle versions 2.1.x through 2.1.2

Description The issue concerns the web services implementation, which fails to properly account for the maintenance-mode state and user attributes during login attempts. This allows remote authenticated users to bypass intended access restrictions by connecting to a webservice server.

Recommendations For Moodle versions 2.0.x through 2.0.5, update to version 2.0.6 or later. For Moodle versions 2.1.x through 2.1.2, update to version 2.1.3 or later.