The MNET authentication functionality in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote authenticated users to impersonate other user accounts by using the Login As feature in conjunction with a remote MNET single sign-on capability, as demonstrated by a Mahara site.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2012-07-20T10:00:00
Updated: 2024-08-07T00:09:19.401Z
Reserved: 2011-11-29T00:00:00
Link: CVE-2011-4584
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-07-20T10:40:35.847
Modified: 2023-02-13T00:21:24.047
Link: CVE-2011-4584
Redhat
No data.