Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2015-5266 - Vulnerability Database
Moodle

Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2015-5266

Medium
Reference: CVE-2015-5266
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-5266
Title: Moodle Permissions Privileges and Access Controls Vulnerability
Overview:

The enrol_meta_sync function in enrol/meta/locallib.php in Moodle through 2.6.11 2.7.x before 2.7.10 2.8.x before 2.8.8 and 2.9.x before 2.9.2 allows remote authenticated users to obtain manager privileges in opportunistic circumstances by leveraging incorrect role processing during a long-running sync script.