Description

The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token.

Remediation

References

CVE-2012-0797

Related Vulnerabilities

WordPress 4.0.x Arbitrary File Deletion Vulnerability (4.0 - 4.0.23)

MySQL CVE-2020-2770 Vulnerability (CVE-2020-2770)

Drupal Core 7.x Cross-Site Scripting (7.0 - 7.79)

Chamilo Missing Authorization Vulnerability (CVE-2019-1000017)

WordPress Plugin Simple Slideshow Manager Multiple Unspecified Vulnerabilities (2.1)

Severity

Medium

Classification

CVE-2012-0797

Tags

Missing Update Known Vulnerabilities