VYPR
Unrated severityNVD Advisory· Published Jul 29, 2013· Updated Jun 16, 2026

CVE-2013-2245

CVE-2013-2245

Description

rss/file.php in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 does not properly implement the use of RSS tokens for impersonation, which allows remote authenticated users to obtain sensitive block information by reading an RSS feed.

Affected products

37
  • Moodle/Moodle37 versions
    cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*+ 36 more
    • cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:2.5.0:*:*:*:*:*:*:*
    • (no CPE)range: <2.1.10, >=2.2.0 <2.2.11, >=2.3.0 <2.3.8, >=2.4.0 <2.4.5, >=2.5.0 <2.5.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.