Vulnerabilities

CVE-2013-1829

by Fred · 25/03/2013

calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role.

Date published : 2013-03-25

http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37338

https://moodle.org/mod/forum/discuss.php?d=225339

Similar

Tags: Cybersecurity Alert