UBUNTU-CVE-2012-3390

lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly restrict file access after a block has been hidden, which allows remote authenticated users to obtain sensitive information by reading a file that is embedded in a block...

PT-2012-4683 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.1.x through 2.1.6 Moodle versions 2.2.x through 2.2.3 Description: The issue allows remote authenticated users to obtain sensitive information by reading a file that is embedded in a block, due to improper restriction of fil...