Vulnerabilities

CVE-2011-4288

by Fred · 16/07/2012

Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly implement associations between teachers and groups, which allows remote authenticated users to read quiz reports of arbitrary students by leveraging the teacher role.

Date published : 2012-07-16

http://git.moodle.org/gw?p=moodle.git;a=commit;h=79c6e3a0968ee1fedcf8a1f14f8086fcd9dbd3f6

http://moodle.org/mod/forum/discuss.php?d=175590

Similar

Tags: Cybersecurity Alert