CVE-2010-1616

Medium

4/10

Summary

Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: SINGLE
Integrity Impact: PARTIAL
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Apr 29, 2010

CVE-2010-1616

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS