Описание
Moodle 2.3.x before 2.3.1 uses only a client-side check for whether references are permitted in a file upload, which allows remote authenticated users to bypass intended alias (aka shortcut) restrictions via a client that omits this check.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00198
Низкий
4 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
около 13 лет назад
Moodle 2.3.x before 2.3.1 uses only a client-side check for whether references are permitted in a file upload, which allows remote authenticated users to bypass intended alias (aka shortcut) restrictions via a client that omits this check.
debian
около 13 лет назад
Moodle 2.3.x before 2.3.1 uses only a client-side check for whether re ...
EPSS
Процентиль: 42%
0.00198
Низкий
4 Medium
CVSS2
Дефекты
CWE-264