Moodle · Moodle · CVE-2011-4288
**Name of the Vulnerable Software and Affected Versions**
Moodle versions 1.9.x through 1.9.11
Moodle versions 2.0.x through 2.0.2
**Description**
The issue is related to improper implementation of associations between teachers and groups. This allows remote authenticated users with the teacher role to read quiz reports of arbitrary students.
**Recommendations**
For Moodle versions 1.9.x through 1.9.11, update to version 1.9.12 or later.
For Moodle versions 2.0.x through 2.0.2, update to version 2.0.3 or later.