CVE-2012-2366
Summary
mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors.
- LOW
- NETWORK
- SINGLE
- PARTIAL
- NONE
- PARTIAL
References
Advisory Timeline
- Published