Описание
admin/roles/override.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to gain privileges by leveraging the teacher role and modifying their own capabilities, as demonstrated by obtaining the backup:userinfo capability.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 2.5.4-1ubuntu1 |
| cosmic | not-affected | 2.5.4-1ubuntu1 |
| devel | not-affected | 2.5.4-1ubuntu1 |
| esm-apps/bionic | not-affected | 2.5.4-1ubuntu1 |
| esm-apps/xenial | not-affected | 2.5.4-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.5.4-1ubuntu1]] |
| hardy | ignored | end of life |
| lucid | not-affected | |
| natty | not-affected |
Показывать по
6.5 Medium
CVSS2
Связанные уязвимости
admin/roles/override.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to gain privileges by leveraging the teacher role and modifying their own capabilities, as demonstrated by obtaining the backup:userinfo capability.
admin/roles/override.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2. ...
admin/roles/override.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to gain privileges by leveraging the teacher role and modifying their own capabilities, as demonstrated by obtaining the backup:userinfo capability.
6.5 Medium
CVSS2