Description

backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not check for the moodle/course:changeidnumber privilege during handling of course ID numbers, which allows remote authenticated users to overwrite ID numbers via a restore action.

Remediation

References

CVE-2011-4589

Related Vulnerabilities

WordPress Plugin Captcha by BestWebSoft Security Bypass (3.8.7)

WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Security Bypass (3.5.4)

Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20417)

MySQL CVE-2022-21309 Vulnerability (CVE-2022-21309)

MySQL CVE-2019-2532 Vulnerability (CVE-2019-2532)

Severity

Medium

Classification

CVE-2011-4589 CWE-264

Tags

Missing Update Known Vulnerabilities