6.4
CVE-2012-5480
- EPSS 1.6%
- Veröffentlicht 21.11.2012 12:55:03
- Zuletzt bearbeitet 16.06.2026 23:46:51
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended restrictions on reading other participants' entries via an advanced search.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.6% | 0.727 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:P
|
http://openwall.com/lists/oss-security/2012/11/19/1
http://www.securityfocus.com/bid/56505
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-35558
https://moodle.org/mod/forum/discuss.php?d=216160