Description

The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout.

Remediation

References

CVE-2012-5471

Related Vulnerabilities

WordPress Plugin Jammer Cross-Site Scripting (0.2)

WordPress Plugin All Video Gallery SQL Injection (1.2)

WordPress Plugin IgniteUp-Coming Soon and Maintenance Mode Multiple Vulnerabilities (3.4)

Squid Improper Input Validation Vulnerability (CVE-2014-0128)

WordPress Plugin SagePay Server Gateway for WooCommerce Cross-Site Scripting (1.0.8)

Severity

Medium

Classification

CVE-2012-5471 CWE-264

Tags

Missing Update Known Vulnerabilities