Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-5542)

Description

Students in "Only see own membership" groups could see other students in the group, which should be hidden.

Remediation

References

Related Vulnerabilities

phpBB CVE-2008-4125 Vulnerability (CVE-2008-4125)

MySQL CVE-2023-22113 Vulnerability (CVE-2023-22113)

WordPress Plugin Calendar Unspecified Vulnerability (1.3.10)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4522)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-40177)

Severity

Medium

Classification

CVE-2023-5542 CWE-668 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities