PT-2012-1848 · Moodle · Moodle
Published
2012-07-11
·
Updated
2023-02-13
·
CVE-2011-4300
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Moodle versions 2.0.0 through 2.0.4
Moodle versions 2.1.0 through 2.1.1
Description
The file browser component does not properly restrict access to category and course data, allowing remote attackers to obtain potentially sensitive information via a request for a file.
Recommendations
For Moodle versions 2.0.0 through 2.0.4, update to version 2.0.5 or later.
For Moodle versions 2.1.0 through 2.1.1, update to version 2.1.2 or later.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Moodle