Lucene search
K

6 matches found

NVD
NVD
added 2016/02/22 5:59 a.m.13 views

CVE-2015-3273

mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization...

4.3CVSS5.4AI score0.015EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/02/22 2:0 a.m.21 views

CVE-2015-3273

mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization...

5.3AI score0.015EPSS
Exploits0References4
CVE
CVE
added 2016/02/22 2:0 a.m.53 views

CVE-2015-3273

CVE-2015-3273 affects Moodle 2.9.x prior to 2.9.1. The vulnerability arises in mod/forum/post.php where the mod/forum:canposttomygroups capability is not honored when authorizing the "Post a copy to all groups" action, allowing remote authenticated users to bypass per-group access restrictions. I...

4.3CVSS5.2AI score0.015EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/09/16 12:0 a.m.33 views

Fedora 22 : moodle-2.8.7-1.fc22 (2015-14988)

moodle-2.8.7-1.fc22 - Latest upstream release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.4CVSS5.9AI score0.01893EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2015/09/16 12:0 a.m.24 views

Fedora 21 : moodle-2.7.9-1.fc21 (2015-14996)

moodle-2.7.9-1.fc21 - 2.7.9. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

7.4CVSS5.9AI score0.01893EPSS
Exploits0References16
FreeBSD
FreeBSD
added 2015/07/06 12:0 a.m.35 views

moodle -- multiple vulnerabilities

Marina Glancy reports: MSA-15-0026: Possible phishing when redirecting to external site using referer header. CVE-2015-3272 MSA-15-0027: Capability 'mod/forum:canposttomygroups' is not respected when using 'Post a copy to all groups' in forum CVE-2015-3273 MSA-15-0028: Possible XSS through custom...

7.4CVSS5.9AI score0.01849EPSS
Exploits0References4
Rows per page
Query Builder