Description

mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors.

Remediation

References

CVE-2012-2366

Related Vulnerabilities

WordPress Plugin Flash Photo Gallery Cross-Site Scripting (0.7)

Oracle HTTP Server CVE-2022-21593 Vulnerability (CVE-2022-21593)

Drupal CVE-2018-14773 Vulnerability (CVE-2018-14773)

Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-26691)

Joomla CVE-2006-4469 Vulnerability (CVE-2006-4469)

Severity

Medium

Classification

CVE-2012-2366

Tags

Missing Update Known Vulnerabilities