Описание
lib.php in the Submission comments plugin in the Assignment module in Moodle 2.3.x before 2.3.4 and 2.4.x before 2.4.1 allows remote attackers to read or modify the submission comments (aka feedback comments) of arbitrary users via a crafted URI.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.5.4-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.5.4-1ubuntu1]] |
| hardy | ignored | end of life |
| lucid | not-affected | 1.9.4.dfsg-0ubuntu4 |
| oneiric | not-affected | 1.9.9.dfsg2-3 |
| precise | not-affected | 1.9.9.dfsg2-6 |
| quantal | not-affected | 2.2.3.dfsg-2.3 |
| raring | ignored | end of life |
| saucy | not-affected | 2.5.2-1 |
| trusty | not-affected | 2.5.4-1ubuntu1 |
Показывать по
EPSS
6.4 Medium
CVSS2
Связанные уязвимости
lib.php in the Submission comments plugin in the Assignment module in Moodle 2.3.x before 2.3.4 and 2.4.x before 2.4.1 allows remote attackers to read or modify the submission comments (aka feedback comments) of arbitrary users via a crafted URI.
lib.php in the Submission comments plugin in the Assignment module in ...
lib.php in the Submission comments plugin in the Assignment module in Moodle 2.3.x before 2.3.4 and 2.4.x before 2.4.1 allows remote attackers to read or modify the submission comments (aka feedback comments) of arbitrary users via a crafted URI.
EPSS
6.4 Medium
CVSS2