Description

The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout.

Remediation

References

CVE-2012-5471

Related Vulnerabilities

PHP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-1220)

WordPress Plugin WP Editor SQL Injection (1.2.6.3)

WordPress Plugin NextGEN Gallery-WordPress Gallery 'xml/media-rss.php' Cross-Site Scripting (1.5.1)

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2009-1386)

WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More Security Bypass (4.6.00)

Severity

Medium

Classification

CVE-2012-5471 CWE-264

Tags

Missing Update Known Vulnerabilities