Description

The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token.

Remediation

References

CVE-2012-0797

Related Vulnerabilities

WordPress Plugin Gallery-Photo Albums-Portfolio Multiple Cross-Site Scripting Vulnerabilities (1.2.29)

WordPress Plugin WP Advanced Comment Cross-Site Scripting (0.10)

WordPress Plugin Custom Content Type Manager Remote Code Execution (0.9.8.5)

WordPress Plugin SAML SP Single Sign On-SSO login Unspecified Vulnerability (4.8.75)

WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple Cross-Site Scripting Vulnerabilities (2.1.20)

Severity

Medium

Classification

CVE-2012-0797

Tags

Missing Update Known Vulnerabilities