CVE-2013-4524

Name of the Vulnerable Software and Affected Versions Moodle versions prior to 2.2.11 Moodle versions 2.3.x before 2.3.10 Moodle versions 2.4.x before 2.4.7 Moodle versions 2.5.x before 2.5.3

Description A directory traversal issue allows remote authenticated users to read arbitrary files by using a .. (dot dot) in a path.

Recommendations For versions prior to 2.2.11, update to version 2.2.11 or later. For versions 2.3.x before 2.3.10, update to version 2.3.10 or later. For versions 2.4.x before 2.4.7, update to version 2.4.7 or later. For versions 2.5.x before 2.5.3, update to version 2.5.3 or later.