Bypassing Participant Entry Restrictions in Moodle Database Activity Module
CVE-2012-5480 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:P
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended restrictions on reading other participants' entries via an advanced search.
Learn more about our Web Application Penetration Testing UK.