← volver
CVE-2013-1836

CVE-2013-1836

EPSS 2.0%
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37852http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.htmlhttp://openwall.com/lists/oss-security/2013/03/25/2https://moodle.org/mod/forum/discuss.php?d=225348