Description

blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allows remote attackers to obtain sensitive information from site-level blogs by leveraging the guest role and reading an RSS feed.

Remediation

References

CVE-2012-6104

Related Vulnerabilities

Apache Tomcat version older than 6.0.18

WordPress Plugin ShiftNav-Responsive Mobile Menu Cross-Site Scripting (1.5.2)

WordPress Plugin WordPress Button Plugin MaxButtons Security Bypass (1.19.0)

WordPress Plugin DW Question & Answer Cross-Site Request Forgery (1.5.7)

WordPress Plugin Hostel Cross-Site Scripting (1.1.3)

Severity

Medium

Classification

CVE-2012-6104 CWE-200

Tags

Missing Update Known Vulnerabilities