Описание
blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allows remote attackers to obtain sensitive information from site-level blogs by leveraging the guest role and reading an RSS feed.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.5.4-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.5.4-1ubuntu1]] |
| hardy | ignored | end of life |
| lucid | not-affected | 1.9.4.dfsg-0ubuntu4 |
| oneiric | not-affected | 1.9.9.dfsg2-3 |
| precise | not-affected | 1.9.9.dfsg2-6 |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | not-affected | 2.5.2-1 |
| trusty | not-affected | 2.5.4-1ubuntu1 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allows remote attackers to obtain sensitive information from site-level blogs by leveraging the guest role and reading an RSS feed.
blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and ...
blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allows remote attackers to obtain sensitive information from site-level blogs by leveraging the guest role and reading an RSS feed.
EPSS
5 Medium
CVSS2