Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2015-5265 - Vulnerability Database
Moodle

Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2015-5265

Medium
Reference: CVE-2015-5265
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-5265
Title: Moodle Permissions Privileges and Access Controls Vulnerability
Overview:

The wiki component in Moodle through 2.6.11 2.7.x before 2.7.10 2.8.x before 2.8.8 and 2.9.x before 2.9.2 does not consider the mod/wiki:managefiles capability before authorizing file management which allows remote authenticated users to delete arbitrary files by using a manage-files button in a text editor.