VIR Vulnerability Intelligence Relay

CVE-2012-0797

medium
Published 2012-07-17 · Modified 2024-01-12
CVSS v3
CVSS v2
5.5
VIR risk
5.5

Description

Moodle Users Can Bypass Deleted Status

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — http://moodle.org/mod/forum/discuss.php?d=194016

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28126

Package impact
EcosystemPackageVulnerableFixed
php Packagistmoodle/moodle>=2.2,<2.2.12.2.1
php Packagistmoodle/moodle>=2.1,<2.1.42.1.4
php Packagistmoodle/moodle>=2.0,<2.0.72.0.7

Application impact
VendorProductVersionsFixed
moodlemoodle{"startIncluding":"2.0","endIncluding":"2.0.6"}
moodlemoodle2.2.0

References

CWEs

CWE-16

Verify integrity in audit chain (admin only). AS-IS.