Lucene search

K
prionPRIOn knowledge basePRION:CVE-2011-4279
HistoryJul 16, 2012 - 10:28 a.m.

Code injection

2012-07-1610:28:00
PRIOn knowledge base
www.prio-n.com
1

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.3%

Moodle 2.0.x before 2.0.2 does not use the forceloginforprofiles setting for course-profiles access control, which makes it easier for remote attackers to obtain potentially sensitive information via vectors involving use of a search engine, as demonstrated by the search functionality of Google, Yahoo!, Wrensoft Zoom, MSN, Yandex, and AltaVista.

CPENameOperatorVersion
moodleeq2.0.1
moodleeq2.0.0

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.3%

Related for PRION:CVE-2011-4279