Skip to main content

CVE-2012-2366

Severity Medium
Score 5.5/10

Summary

mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors.

  • LOW
  • NETWORK
  • SINGLE
  • PARTIAL
  • NONE
  • PARTIAL

References

Advisory Timeline

  • Published