Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2014-0125 - Vulnerability Database
Moodle

Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2014-0125

Medium
Reference: CVE-2014-0125
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-0125
Title: Moodle Permissions Privileges and Access Controls Vulnerability
Overview:

repository/alfresco/lib.php in Moodle through 2.3.11 2.4.x before 2.4.9 2.5.x before 2.5.5 and 2.6.x before 2.6.2 places a session key in a URL which allows remote attackers to bypass intended Alfresco Repository file restrictions by impersonating a file39s owner.