Description

Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page.

Remediation

References

CVE-2012-0799

Related Vulnerabilities

WordPress 6.2 Multiple Vulnerabilities (6.2)

Oracle JRE CVE-2013-0809 Vulnerability (CVE-2013-0809)

WordPress Plugin Weather for us-animated weather widget Crypto Mining (1.8)

Craft CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14280)

Joomla Incorrect Authorization Vulnerability (CVE-2020-11889)

Severity

Medium

Classification

CVE-2012-0799 CWE-200

Tags

Missing Update Known Vulnerabilities