CVE-2014-0127

Name of the Vulnerable Software and Affected Versions Moodle versions prior to 2.3.11 Moodle versions 2.4.x before 2.4.9 Moodle versions 2.5.x before 2.5.5 Moodle versions 2.6.x before 2.6.2

Description The issue concerns the time-validation implementation in certain Moodle files, allowing remote authenticated users to bypass restrictions on starting a Feedback activity by choosing an unavailable time.

Recommendations For versions prior to 2.3.11, update to version 2.3.11 or later. For versions 2.4.x before 2.4.9, update to version 2.4.9 or later. For versions 2.5.x before 2.5.5, update to version 2.5.5 or later. For versions 2.6.x before 2.6.2, update to version 2.6.2 or later.