Description

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores (1) password hashes and (2) unspecified "secrets" in backup files, which might allow attackers to obtain sensitive information.

Remediation

References

CVE-2009-4303

Related Vulnerabilities

WordPress Plugin Video Conferencing with Zoom Cross-Site Scripting (3.9.2)

Joomla Improper Input Validation Vulnerability (CVE-2011-2892)

PHP Other Vulnerability (CVE-2007-4507)

OpenSSL Out-of-bounds Write Vulnerability (CVE-2022-3602)

MySQL CVE-2019-2803 Vulnerability (CVE-2019-2803)

Severity

Medium

Classification

CVE-2009-4303 CWE-200

Tags

Missing Update Known Vulnerabilities