CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
EPSS
Percentile
78.0%
The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before
2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and
JavaScript content, which allows remote attackers to bypass intended access
restrictions and write to an operating-system temporary directory via
unspecified vectors.
Author | Note |
---|---|
jdstrand | moodle 2.0 only |