Описание
The default configuration of Moodle 2.0.x before 2.0.2 has an incorrect setting of the moodle/course:delete capability, which allows remote authenticated users to delete arbitrary courses by leveraging the teacher role.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00442
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
почти 13 лет назад
The default configuration of Moodle 2.0.x before 2.0.2 has an incorrect setting of the moodle/course:delete capability, which allows remote authenticated users to delete arbitrary courses by leveraging the teacher role.
debian
почти 13 лет назад
The default configuration of Moodle 2.0.x before 2.0.2 has an incorrec ...
EPSS
Процентиль: 62%
0.00442
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264