Rossiani Wijaya

#31788of 53,633
8Total CVSS
Vulnerabilities · 2
Medium
2
PT-2013-3618
4.0
2013-07-21
Moodle · Moodle · CVE-2013-2243
**Name of the Vulnerable Software and Affected Versions** Moodle versions 2.2.11 and earlier Moodle versions 2.3.x before 2.3.8 Moodle versions 2.4.x before 2.4.5 Moodle versions 2.5.x before 2.5.1 **Description** The issue allows remote authenticated users to obtain sensitive answer information by reading the HTML source code of a document, specifically affecting the mod/lesson/pagetypes/matching.php file. **Recommendations** For Moodle versions 2.2.11 and earlier, update to a version later than 2.2.11. For Moodle versions 2.3.x before 2.3.8, update to version 2.3.8 or later. For Moodle versions 2.4.x before 2.4.5, update to version 2.4.5 or later. For Moodle versions 2.5.x before 2.5.1, update to version 2.5.1 or later.
PT-2012-5988
4.0
2012-11-21
Moodle · Moodle · CVE-2012-5472
**Name of the Vulnerable Software and Affected Versions** Moodle versions 2.2.x through 2.2.5 Moodle versions 2.3.x through 2.3.2 **Description** The issue allows remote authenticated users to bypass intended access restrictions. This is achieved by modifying the value of a frozen form field in lib/formslib.php. **Recommendations** For Moodle versions 2.2.x through 2.2.5, update to version 2.2.6 or later. For Moodle versions 2.3.x through 2.3.2, update to version 2.3.3 or later.