CVE-2013-2083

Опубликовано: 25 мая 2013

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly handle a certain array-element syntax, which allows remote attackers to bypass intended form-data filtering via a crafted request.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.9:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.10:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.9:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.6:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.4.3:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00605

Низкий

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2013-2083

ubuntu

около 12 лет назад

CVE-2013-2083

debian

около 12 лет назад

The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10 ...

GHSA-m63h-q4x3-6hwj

github

около 3 лет назад

Moodle is vulnerable to Improper Input Validation in MoodleQuickForm class

EPSS

Процентиль: 69%

0.00605

Низкий

5 Medium

CVSS2

Дефекты

CWE-20