Bypassing Capability Requirement in Moodle 2.3.x

Bypassing Capability Requirement in Moodle 2.3.x

CVE-2012-5481 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Moodle 2.3.x before 2.3.3 allows remote authenticated users to bypass the moodle/role:manage capability requirement and read all capability data by visiting the Check Permissions page.

Learn more about our User Device Pen Test.