PT-2012-4680 · Moodle · Moodle

Petr Škoda

·

Publicado

2012-07-23

·

Atualizado

2022-05-13

·

CVE-2012-3387

CVSS v2.0

4.0

Média

VetorAV:N/AC:L/Au:S/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions Moodle versions 2.3.x through 2.3.0
Description The issue allows remote authenticated users to bypass intended alias restrictions in file uploads by using a client that omits the client-side check.
Recommendations For Moodle versions 2.3.x through 2.3.0, update to version 2.3.1 to resolve the issue.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264CWE-287

Identificadores relacionados

CVE-2012-3387
GHSA-W66H-C2VJ-CM7F

Produtos afetados

Moodle