Description

Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to

Remediation

References

CVE-2012-1155

Related Vulnerabilities

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3743)

WordPress Plugin Hustle-Pop-Ups, Slide-ins and Email Opt-ins CSV Injection (6.0.7)

PHP Improper Input Validation Vulnerability (CVE-2012-0788)

JBoss Application Server Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-3609)

WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.13)

Severity

High

Classification

CVE-2012-1155 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities