Description

Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page.

Remediation

References

CVE-2012-0799

Related Vulnerabilities

WordPress Plugin Stop Spammers Security-Block Spam Users, Comments, Forms Cross-Site Scripting (6.15)

WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-7226)

Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-1111)

WordPress Plugin Simple Membership Cross-Site Scripting (3.5.6)

OpenSSL Resource Management Errors Vulnerability (CVE-2011-3210)

Severity

Medium

Classification

CVE-2012-0799 CWE-200

Tags

Missing Update Known Vulnerabilities