Description

The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role.

Remediation

References

CVE-2012-0798

Related Vulnerabilities

WordPress Plugin UpdraftPlus WordPress Backup Security Bypass (1.9.50)

Oracle Application Server CVE-2008-7234 Vulnerability (CVE-2008-7234)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1575)

OpenSSL Inefficient Regular Expression Complexity Vulnerability (CVE-2023-3446)

WordPress Plugin Rife Elementor Extensions & Templates Multiple Cross-Site Scripting Vulnerabilities (1.1.5)

Severity

Medium

Classification

CVE-2012-0798 CWE-264

Tags

Missing Update Known Vulnerabilities