CVE Vulnerabilities

CVE-2010-1616

Published: Apr 29, 2010 | Modified: Dec 01, 2020
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability.

Affected Software

Name Vendor Start Version End Version
Moodle Moodle 1.9.4 1.9.4
Moodle Moodle 1.9.1 1.9.1
Moodle Moodle 1.8.8 1.8.8
Moodle Moodle 1.9.6 1.9.6
Moodle Moodle 1.8.2 1.8.2
Moodle Moodle 1.9.2 1.9.2
Moodle Moodle 1.8.6 1.8.6
Moodle Moodle 1.8.5 1.8.5
Moodle Moodle 1.8.3 1.8.3
Moodle Moodle 1.8.9 1.8.9
Moodle Moodle 1.8.7 1.8.7
Moodle Moodle 1.8.10 1.8.10
Moodle Moodle 1.9.3 1.9.3
Moodle Moodle 1.9.5 1.9.5
Moodle Moodle 1.8.11 1.8.11
Moodle Moodle 1.8.4 1.8.4
Moodle Moodle 1.8.1 1.8.1
Moodle Moodle 1.9.7 1.9.7

References