Description

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores (1) password hashes and (2) unspecified "secrets" in backup files, which might allow attackers to obtain sensitive information.

Remediation

References

CVE-2009-4303

Related Vulnerabilities

WordPress Plugin Ginger-EU Cookie Law Multiple Vulnerabilities (4.1.3)

MySQL CVE-2020-14888 Vulnerability (CVE-2020-14888)

Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2017-8385)

WordPress Plugin Smart Slider 3 PRO Cross-Site Scripting (3.5.0.8)

WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login Security Bypass (5.0.1.7)

Severity

Medium

Classification

CVE-2009-4303 CWE-200

Tags

Missing Update Known Vulnerabilities