Description

The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber.

Remediation

References

CVE-2016-3733

Related Vulnerabilities

WordPress 2.1.1 Cross-Site Scripting Vulnerability (2.1.1)

Oracle JRE CVE-2018-2639 Vulnerability (CVE-2018-2639)

WordPress Plugin Sync to Etsy Marketplace from WooCommerce Cross-Site Request Forgery (3.3.1)

WordPress Plugin Web Application Firewall-website security Unspecified Vulnerability (2.1.2)

WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.14)

Severity

Medium

Classification

CVE-2016-3733 CWE-284 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities