Description

lib/formslib.php in Moodle 2.2.x before 2.2.6 and 2.3.x before 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field.

Remediation

References

CVE-2012-5472

Related Vulnerabilities

WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.9.2)

WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (3.3.5)

WordPress Plugin Smush Image Compression and Optimization Multiple Vulnerabilities (2.9.1)

WordPress Plugin ShortPixel Adaptive Images-WebP, AVIF, CDN, Image Optimization Cross-Site Scripting (3.6.2)

WordPress Plugin Pinterest 'Pin It' Button Cross-Site Scripting (2.0.8)

Severity

Medium

Classification

CVE-2012-5472 CWE-264

Tags

Missing Update Known Vulnerabilities