CVE-2012-5472

Loading...

General

Score:4.0/10.0
Severity:Low
Category:Access Control Error
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:Single

Published on 21/11/12 - Updated on 21/06/13

Description

lib/formslib.php in Moodle 2.2.x before 2.2.6 and 2.3.x before 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field.

Category: Access Control Error

CWE-264 (Permissions, Privileges, and Access Control)
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Security Notices

US National Vulnerability DatabaseCVE-2012-5472

Exploits

SecurityFocusBID-56505

Relative technologies

VendorProduct
moodlemoodle

Share this vulnerability with:

Twitter Facebook LinkedIn Mail