Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2014-0216 - Vulnerability Database
Moodle

Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2014-0216

Medium
Reference: CVE-2014-0216
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-0216
Title: Moodle Permissions Privileges and Access Controls Vulnerability
Overview:

The My Home implementation in the block_html_pluginfile function in blocks/html/lib.php in Moodle through 2.3.11 2.4.x before 2.4.10 2.5.x before 2.5.6 and 2.6.x before 2.6.3 does not properly restrict file access which allows remote attackers to obtain sensitive information by visiting an HTML block.