AI Score
Confidence
Low
EPSS
Percentile
69.1%
The file_browser component in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not properly restrict access to category and course data, which allows remote attackers to obtain potentially sensitive information via a request for a file.
git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=f6b07c4da54a9db24723beb147e8a19a3d487e00
moodle.org/mod/forum/discuss.php?d=188311
bugzilla.redhat.com/show_bug.cgi?id=747444