Lucene search
Veracode Vulnerability DatabaseVERACODE:4478HistoryJun 23, 2017 - 9:27 a.m.
Authorization Bypass
2017-06-2309:27:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.003
Percentile
71.5%
Moodle is vulnerable to authorization bypass. The library does not consider if a forum is optional, allowing a malicious user to bypass forum-subscription requirements through the student role and unsubscribing from all forums.
References
git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-31460
openwall.com/lists/oss-security/2012/07/17/1
secunia.com/advisories/49890
www.securityfocus.com/bid/54481
exchange.xforce.ibmcloud.com/vulnerabilities/76958
git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-31460
Related
nvd
nvd
CVE-2012-3392
2012-07-23 21:55:04
cve
cve
CVE-2012-3392
2012-07-23 21:55:04
ubuntucve
ubuntucve
CVE-2012-3392
2012-07-23 00:00:00
prion
prion
Design/Logic Flaw
2012-07-23 21:55:00
cvelist
cvelist
CVE-2012-3392
2012-07-23 21:00:00
nessus
nessus
Moodle 2.1.x < 2.1.7 Multiple Vulnerabilities
2016-07-21 00:00:00
Moodle 2.2.x < 2.2.4 Multiple Vulnerabilities
2016-07-21 00:00:00
Fedora 16 : moodle-2.0.10-1.fc16 (2012-11028)
2012-08-02 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: moodle-2.2.4-1.fc17
2012-08-01 22:28:41
[SECURITY] Fedora 16 Update: moodle-2.0.10-1.fc16
2012-08-01 22:27:44
openvas
openvas
Fedora Update for moodle FEDORA-2012-11028
2012-08-03 00:00:00
Fedora Update for moodle FEDORA-2012-11039
2012-08-30 00:00:00
Fedora Update for moodle FEDORA-2012-11028
2012-08-03 00:00:00