Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2014-3546 - Vulnerability Database
Moodle

Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2014-3546

Medium
Reference: CVE-2014-3546
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-3546
Title: Moodle Permissions Privileges and Access Controls Vulnerability
Overview:

Moodle through 2.3.11 2.4.x before 2.4.11 2.5.x before 2.5.7 2.6.x before 2.6.4 and 2.7.x before 2.7.1 does not enforce certain capability requirements in (1) notes/index.php and (2) user/edit.php which allows remote attackers to obtain potentially sensitive username and course information via a modified URL.