Moodle · Moodle · CVE-2013-2079
**Name of the Vulnerable Software and Affected Versions**
Moodle versions 2.3.x through 2.3.6
Moodle versions 2.4.x through 2.4.3
**Description**
The issue allows remote authenticated users to read other users' assignments by leveraging the student role, due to the failure of mod/assign/locallib.php in the assignment module to consider capability requirements during the processing of ZIP assignment-archive download requests.
**Recommendations**
For Moodle versions 2.3.x through 2.3.6, update to version 2.3.7 or later.
For Moodle versions 2.4.x through 2.4.3, update to version 2.4.4 or later.