CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
Percentile
36.1%
mod/feedback/lib.php in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x
before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 does not consider
the mod/feedback:view capability before displaying recent feedback, which
allows remote authenticated users to obtain sensitive information via a
request for all course feedback that has occurred since a specified time.