CVE-2009-4299 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-4299 Interim 1 5 2023-12-09T02:00:38Z current 2021-05-30T12:49:31Z 2023-12-09T02:00:38Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-4299 mod/glossary/showentry.php in the Glossary module for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not properly perform access control, which allows attackers to read unauthorized Glossary entries via unknown vectors. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KMSGWTGNMZ6OBF4PSADAZBORDOW6FLX6/#KMSGWTGNMZ6OBF4PSADAZBORDOW6FLX6 E-Mail link for SUSE-SR:2010:004 https://www.suse.com/support/security/rating/ SUSE Security Ratings mod/glossary/showentry.php in the Glossary module for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not properly perform access control, which allows attackers to read unauthorized Glossary entries via unknown vectors. CVE-2009-4299 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N