The user editing form in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to edit profile fields locked by the administrator.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle 2.7.0 |
||
moodle moodle 2.7.13 |
||
moodle moodle 2.8.2 |
||
moodle moodle 2.8.3 |
||
moodle moodle 2.8.4 |
||
moodle moodle 2.9.4 |
||
moodle moodle 2.9.5 |
||
moodle moodle 3.0.3 |
||
moodle moodle 3.0.0 |
||
moodle moodle 2.7.1 |
||
moodle moodle 2.7.3 |
||
moodle moodle 2.7.5 |
||
moodle moodle 2.7.6 |
||
moodle moodle 2.7.7 |
||
moodle moodle 2.7.8 |
||
moodle moodle 2.8.9 |
||
moodle moodle 2.8.10 |
||
moodle moodle 2.8.11 |
||
moodle moodle 2.8.0 |
||
moodle moodle 2.8.1 |
||
moodle moodle 3.0.1 |
||
moodle moodle 3.0.2 |
||
moodle moodle 2.7.10 |
||
moodle moodle 2.7.12 |
||
moodle moodle 2.8.5 |
||
moodle moodle 2.8.7 |
||
moodle moodle 2.9.0 |
||
moodle moodle 2.9.2 |
||
moodle moodle 2.7.2 |
||
moodle moodle 2.7.4 |
||
moodle moodle 2.7.9 |
||
moodle moodle 2.7.11 |
||
moodle moodle 2.8.6 |
||
moodle moodle 2.8.8 |
||
moodle moodle 2.9.1 |
||
moodle moodle 2.9.3 |