Description

Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page.

Remediation

References

CVE-2012-0799

Related Vulnerabilities

Apache Tomcat Other Vulnerability (CVE-2001-0829)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Scripting (4.3.9)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8810)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16222)

WordPress Plugin Lockdown WP Admin Unspecified Vulnerability (1.1.2)

Severity

Medium

Classification

CVE-2012-0799 CWE-200

Tags

Missing Update Known Vulnerabilities