Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2355)

Description

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass question:use* capability requirements and add arbitrary questions to a quiz via the questions feature.

Remediation

References

CVE-2012-2355

Related Vulnerabilities

WordPress Plugin Poll, Survey, Questionnaire and Voting system SQL Injection (1.2.4)

Apache Tomcat Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2021-24122)

MySQL CVE-2021-2471 Vulnerability (CVE-2021-2471)

Oracle Application Server Other Vulnerability (CVE-2006-5361)

Oracle Application Server Other Vulnerability (CVE-2006-5357)

Severity

Medium

Classification

CVE-2012-2355 CWE-264