The moodle1 backup converter in backup/converter/moodle1/lib.php
in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly validate pathnames, which allows remote authenticated users to read arbitrary files by leveraging the backup-restoration feature.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36977
openwall.com/lists/oss-security/2013/01/21/1
github.com/moodle/moodle
github.com/moodle/moodle/commit/0ab681d3e7bed2a37430387f9da8504c0b077d10
github.com/moodle/moodle/commit/7b66137f7bcc84fb5eb07f58fb658b21bf37cc44
moodle.org/mod/forum/discuss.php?d=220160
nvd.nist.gov/vuln/detail/CVE-2012-6099