Описание
lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive information by reading a blog entry that references a non-public file.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.2.6.dfsg-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.2.6.dfsg-1]] |
| hardy | ignored | end of life |
| lucid | not-affected | |
| natty | not-affected | |
| oneiric | not-affected | |
| precise | not-affected | 1.9.9.dfsg2-6 |
| quantal | ignored | end of life |
| raring | not-affected | 2.2.6.dfsg-1 |
| saucy | not-affected | 2.2.6.dfsg-1 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive information by reading a blog entry that references a non-public file.
lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and ...
lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive information by reading a blog entry that references a non-public file.
EPSS
5 Medium
CVSS2