CVE Vulnerabilities

CVE-2011-4288

Published: Jul 16, 2012 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly implement associations between teachers and groups, which allows remote authenticated users to read quiz reports of arbitrary students by leveraging the teacher role.

Affected Software

Name Vendor Start Version End Version
Moodle Moodle 2.0.2 2.0.2
Moodle Moodle 1.9.4 1.9.4
Moodle Moodle 1.9.6 1.9.6
Moodle Moodle 1.9.9 1.9.9
Moodle Moodle 2.0.1 2.0.1
Moodle Moodle 1.9.11 1.9.11
Moodle Moodle 1.9.2 1.9.2
Moodle Moodle 1.9.10 1.9.10
Moodle Moodle 1.9.3 1.9.3
Moodle Moodle 1.9.5 1.9.5
Moodle Moodle 1.9.8 1.9.8
Moodle Moodle 1.9.7 1.9.7
Moodle Moodle 2.0.0 2.0.0

References