Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2012-2359 - Vulnerability Database

Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2012-2359

Medium

Reference: CVE-2012-2359

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-2359

Title: Moodle Permissions Privileges and Access Controls Vulnerability

Overview:

admin/roles/override.php in Moodle 2.0.x before 2.0.9 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to gain privileges by leveraging the teacher role and modifying their own capabilities as demonstrated by obtaining the backup:userinfo capability.