CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
Percentile
80.2%
The assignment module in Moodle before 2.4.4 was not checking capabilities for users downloading all assignments as a zip (CVE-2013-2079). The Gradebook’s Overview report in Moodle before 2.4.4 was showing grade totals that may have incorrectly included hidden grades (CVE-2013-2080). When registering a site on a hub (not Moodle.net) site in Moodle before 2.4.4, information was being sent to the hub regardless of settings chosen (CVE-2013-2081). There was no check of permissions for viewing comments on blog posts in Moodle before 2.4.4 (CVE-2013-2082). Form elements named using a specific naming scheme were not being filtered correctly in Moodle before 2.4.4 (CVE-2013-2083).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | moodle | < 2.4.4-1.1 | moodle-2.4.4-1.1.mga3 |