Directory Traversal

2020-12-0206:36:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

moodle

directory traversal

authenticated user

remote access

path manipulation

EPSS

0.005

Percentile

75.9%

JSON

Moodle is vulnerable to directory traversal. An authenticated remote user is able to access files beyond the Moodle file area using a dot dot (..) in a path.

References

git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41807

openwall.com/lists/oss-security/2013/11/25/1

moodle.org/mod/forum/discuss.php?d=244481

EPSS

0.005

Percentile

75.9%

JSON

Related for VERACODE:28019