CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
56.9%
The remote web server hosts Moodle, an open-source course management system. Versions of Moodle prior to 1.9.12 are potentially affected by multiple vulnerabilities :
A security bypass flaw exists in Group/Quiz permissions that could allow a teacher assigned to a particular group to access quiz reports for students in other groups. (MSA-11-0013 / CVE-2011-4288)
A vulnerability assessment performed by a third party has revealed multiple cross-site scripting (XSS) vulnerabilities. Specifically, these affect URL encoding within the script ‘lib/weblib.php’. (MSA-11-0015 / CVE-2011-4290)
Binary data 8709.prm