CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
EPSS
Percentile
77.4%
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before
2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended
restrictions on reading other participants’ entries via an advanced search.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-35558
openwall.com/lists/oss-security/2012/11/19/1
launchpad.net/bugs/cve/CVE-2012-5480
moodle.org/mod/forum/discuss.php?d=216160
nvd.nist.gov/vuln/detail/CVE-2012-5480
security-tracker.debian.org/tracker/CVE-2012-5480
www.cve.org/CVERecord?id=CVE-2012-5480