|
Moodle 'spell-check-logic.cgi' Insecure Temporary File Creation Vulnerability
Moodle creates temporary files in an insecure manner. An attacker with local access could perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible. Moodle 1.8.2 is vulnerable; other versions may also be affected. |
|
 Privacy Statement |
