CVE-2015-5272

Опубликовано: 22 фев. 2016

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

The Forum module in Moodle 2.7.x before 2.7.10 allows remote authenticated users to post to arbitrary groups by leveraging the teacher role, as demonstrated by a post directed to "all participants."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.7.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.7.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.7.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.7.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.7.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.7.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.7.9:*:*:*:*:*:*:*

EPSS

Процентиль: 51%

0.00283

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2015-5272

CVSS3: 4.3

ubuntu

больше 9 лет назад

The Forum module in Moodle 2.7.x before 2.7.10 allows remote authenticated users to post to arbitrary groups by leveraging the teacher role, as demonstrated by a post directed to "all participants."

CVE-2015-5272

CVSS3: 4.3

debian

больше 9 лет назад

The Forum module in Moodle 2.7.x before 2.7.10 allows remote authentic ...

GHSA-r227-v24c-j96q

CVSS3: 4.3

github

около 3 лет назад

The Forum module in Moodle 2.7.x before 2.7.10 allows remote authenticated users to post to arbitrary groups by leveraging the teacher role, as demonstrated by a post directed to "all participants."

BDU:2016-00595

fstec

больше 9 лет назад

Уязвимость системы управления обучением Мoodle, позволяющая нарушителю изменять данные в произвольных группах

EPSS

Процентиль: 51%

0.00283

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-264