Description

The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber.

Remediation

References

CVE-2016-3733

Related Vulnerabilities

WebLogic CVE-2019-2646 Vulnerability (CVE-2019-2646)

MySQL CVE-2018-2805 Vulnerability (CVE-2018-2805)

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0815)

Apache HTTP Server CVE-1999-0236 Vulnerability (CVE-1999-0236)

Joomla Improper Authentication Vulnerability (CVE-2022-23795)

Severity

Medium

Classification

CVE-2016-3733 CWE-284 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities