Unrated severityNVD Advisory· Published Dec 16, 2009· Updated Jun 16, 2026
CVE-2009-4299
CVE-2009-4299
Description
mod/glossary/showentry.php in the Glossary module for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not properly perform access control, which allows attackers to read unauthorized Glossary entries via unknown vectors.
Affected products
16cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*
- (no CPE)range: before 1.8.11 (1.8.x), before 1.9.7 (1.9.x)
Patches
Vulnerability mechanics
References
9- docs.moodle.org/en/Moodle_1.8.11_release_notesnvdPatch
- docs.moodle.org/en/Moodle_1.9.7_release_notesnvdPatch
- moodle.org/mod/forum/discuss.phpnvdPatchVendor Advisory
- www.securityfocus.com/bid/37244nvdPatch
- www.vupen.com/english/advisories/2009/3455nvdPatchVendor Advisory
- secunia.com/advisories/37614nvdVendor Advisory
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.htmlnvd
News mentions
0No linked articles in our index yet.