Security Advisory

CVE-2011-4303

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-07-11 10:00:00
Last updated 2024-08-07 00:01:51
Assigner redhat
State PUBLISHED

Description

lib/db/upgrade.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not set the correct registration_hubs.secret value during installation, which allows remote attackers to bypass intended access restrictions by leveraging the hubs feature.