CVE-2012-2354 in Moodleinfo

Summary

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages by using the "Recent conversations" feature with a modified parameter in a URL.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

04/19/2012

Disclosure

07/20/2012

Moderation

VulDB entry created

Entries

VDB-61360 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

3.5

EPSS

0.00156

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-2354
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2354
CVE Details	https://www.cvedetails.com/cve/CVE-2012-2354/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!