Количество 4
Количество 4
CVE-2014-7846
tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request.
CVE-2014-7846
tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request.
CVE-2014-7846
tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, ...
GHSA-468q-9cmp-76wc
Moodle does not consider the moodle/tag:edit capability before adding a tag
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2014-7846 tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request. | CVSS2: 4 | 0% Низкий | больше 10 лет назад |
 | CVE-2014-7846 tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request. | CVSS2: 4 | 0% Низкий | больше 10 лет назад |
| CVE-2014-7846 tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, ... | CVSS2: 4 | 0% Низкий | больше 10 лет назад |
| GHSA-468q-9cmp-76wc Moodle does not consider the moodle/tag:edit capability before adding a tag | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу