1
Candidate: CVE-2014-7832
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7832
5
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47921
7
mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before
8
2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control
9
at the course level rather than at the activity level, which allows remote
10
authenticated users to bypass the mod/lti:view capability requirement by
11
viewing an activity instance.
20
upstream_moodle: needed
21
lucid_moodle: ignored (reached end-of-life)
22
precise_moodle: ignored (reached end-of-life)
23
precise/esm_moodle: DNE (precise was needed)
25
utopic_moodle: ignored (reached end-of-life)
26
vivid_moodle: ignored (reached end-of-life)
27
vivid/stable-phone-overlay_moodle: DNE
28
vivid/ubuntu-core_moodle: DNE
29
wily_moodle: ignored (reached end-of-life)
31
yakkety_moodle: ignored (reached end-of-life)
32
zesty_moodle: ignored (reached end-of-life)