Описание
Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.2.2.dfsg-2 |
| esm-apps/xenial | not-affected | 2.2.2.dfsg-2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.2.2.dfsg-2]] |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page.
Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous fr ...
Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page.
EPSS
4.3 Medium
CVSS2