Security Advisory

CVE-2012-3390

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-07-23 21:00:00
Last updated 2024-08-06 20:05:12
Assigner redhat
State PUBLISHED

Description

lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly restrict file access after a block has been hidden, which allows remote authenticated users to obtain sensitive information by reading a file that is embedded in a block.