Vulnerabilities

CVE-2014-0129

by Fred · 21/03/2014

badges/mybadges.php in Moodle 2.5.x before 2.5.5 and 2.6.x before 2.6.2 does not properly track the user to whom a badge was issued, which allows remote authenticated users to modify the visibility of an arbitrary badge via unspecified vectors.

Date published : 2014-03-21

http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44140

https://moodle.org/mod/forum/discuss.php?d=256424

Similar

Tags: Cybersecurity Alert