CVE-2012-5480
Published: 21 November 2012
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended restrictions on reading other participants' entries via an advanced search.
Priority
Status
Package | Release | Status |
---|---|---|
moodle Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Not vulnerable
|
|
oneiric |
Not vulnerable
|
|
precise |
Not vulnerable
(1.9.9.dfsg2-6)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Not vulnerable
(2.2.6.dfsg-1)
|
|
saucy |
Not vulnerable
(2.2.6.dfsg-1)
|
|
trusty |
Does not exist
(trusty was not-affected [2.2.6.dfsg-1])
|
|
upstream |
Needs triage
|