CVE-2013-2082

Name of the Vulnerable Software and Affected Versions Moodle versions 2.1.0 through 2.1.10 Moodle versions 2.2.x before 2.2.10 Moodle versions 2.3.x before 2.3.7 Moodle versions 2.4.x before 2.4.4

Description The issue allows remote attackers to obtain sensitive information via a crafted request, due to the lack of capability requirements enforcement for reading blog comments.

Recommendations For versions 2.1.0 through 2.1.10, update to version 2.1.11 or later. For versions 2.2.x before 2.2.10, update to version 2.2.10 or later. For versions 2.3.x before 2.3.7, update to version 2.3.7 or later. For versions 2.4.x before 2.4.4, update to version 2.4.4 or later.