Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2012-4408 - Vulnerability Database

Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2012-4408

Medium

Reference: CVE-2012-4408

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-4408

Title: Moodle Permissions Privileges and Access Controls Vulnerability

Overview:

course/reset.php in Moodle 2.1.x before 2.1.8 2.2.x before 2.2.5 and 2.3.x before 2.3.2 checks an update capability instead of a reset capability which allows remote authenticated users to bypass intended access restrictions via a reset operation.