QwikSec

Security Database

CVE

CWE

Training

CVE-2011-4584

Published: Jul 20, 2012

Modified: Aug 7, 2024

PUBLISHED

Description

The MNET authentication functionality in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote authenticated users to impersonate other user accounts by using the Login As feature in conjunction with a remote MNET single sign-on capability, as demonstrated by a Mahara site.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=761248

x_refsource_CONFIRM

http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=10df8657c1c138c0d0ab1d4796c552fcec0c299b

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

http://moodle.org/mod/forum/discuss.php?d=191751

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.