Description
auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 redirects users from an https LDAP login URL to an http URL, which allows remote attackers to obtain sensitive information by sniffing the network.
Remediation
References
Related Vulnerabilities
MySQL CVE-2015-2582 Vulnerability (CVE-2015-2582)
WordPress Plugin WP Visitor Statistics (Real Time Traffic) Unspecified Vulnerability (4.8)
MySQL Observable Discrepancy Vulnerability (CVE-2019-1559)
Drupal Missing Authorization Vulnerability (CVE-2017-6923)
WordPress Plugin Community Events 'id' Parameter SQL Injection (1.2.2)