CVE Vulnerabilities

CVE-2011-4297

Published: Jul 16, 2012 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
LOW

comment/lib.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 does not properly restrict comment capabilities, which allows remote attackers to post a comment by leveraging the guest role and operating on a front-page activity.

Affected Software

Name Vendor Start Version End Version
Moodle Moodle 2.0.0 (including) 2.0.0 (including)
Moodle Moodle 2.0.1 (including) 2.0.1 (including)
Moodle Moodle 2.0.2 (including) 2.0.2 (including)
Moodle Moodle 2.0.3 (including) 2.0.3 (including)
Moodle Moodle 2.1.0 (including) 2.1.0 (including)
Moodle Ubuntu hardy *

References