First published: Thu Nov 14 2019(Updated: )
Moodle before 2.2.2 has users' private files included in course backups
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Moodle Moodle | <2.2.2 | |
Fedoraproject Fedora | =15 | |
Fedoraproject Fedora | =16 | |
Fedoraproject Fedora | =17 | |
Redhat Enterprise Linux | =6.0 | |
debian/moodle |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2012-1156 is a vulnerability in Moodle before 2.2.2 where users' private files are included in course backups unnecessarily.
CVE-2012-1156 affects Moodle versions before 2.2.2, 2.1.5, and 2.0.8.
CVE-2012-1156 has a severity rating of 7.5 (high).
To fix CVE-2012-1156, you should upgrade Moodle to version 2.2.2, 2.1.5, or 2.0.8, depending on your currently installed version.
More information about CVE-2012-1156 can be found at the following references: [NVD](https://nvd.nist.gov/vuln/detail/CVE-2012-1156), [Red Hat](https://access.redhat.com/security/cve/cve-2012-1156), [Bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1156).