WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Improper Access Control Vulnerability (CVE-2016-8642)

Description

In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.

Remediation

References

Related Vulnerabilities

IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1653)

Ampache Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3929)

WordPress Plugin Authenticator Denial of Service (1.3.0)

Internet Information Services Other Vulnerability (CVE-2006-0026)

Microsoft SQL Server Other Vulnerability (CVE-2001-0879)

Severity

Medium

Classification

CVE-2016-8642 CWE-284 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities