CVE-2013-2080
Published: 25 May 2013
The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly consider the existence of hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role and reading the Gradebook Overview report.
Priority
Status
Package | Release | Status |
---|---|---|
moodle Launchpad, Ubuntu, Debian |
vivid |
Ignored
(end of life)
|
impish |
Does not exist
|
|
hirsute |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
artful |
Ignored
(end of life)
|
|
bionic |
Needed
|
|
cosmic |
Ignored
(end of life)
|
|
disco |
Ignored
(end of life)
|
|
eoan |
Ignored
(end of life)
|
|
focal |
Does not exist
|
|
groovy |
Does not exist
|
|
lucid |
Ignored
(end of life)
|
|
lunar |
Does not exist
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Does not exist
(trusty was needed)
|
|
upstream |
Released
(2.5, 2.4.4, 2.3.7)
|
|
utopic |
Ignored
(end of life)
|
|
wily |
Ignored
(end of life)
|
|
xenial |
Needed
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Ignored
(end of life)
|
|
mantic |
Does not exist
|
|
Patches: upstream: http://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=5df9bc3998095299c6862973866252649a5e0866;hp=4ce97aed0d48514781f0d16cc069b8a7b5e1a67f |