Описание
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | DNE | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needed | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/focal | DNE |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 53%
0.00306
Низкий
3.5 Low
CVSS2
Связанные уязвимости
nvd
больше 12 лет назад
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature.
debian
больше 12 лет назад
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and ...
github
больше 3 лет назад
Moodle's login_as feature leaks information from external repositories
EPSS
Процентиль: 53%
0.00306
Низкий
3.5 Low
CVSS2