Description

blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 continues to provide a blog RSS feed after blogging is disabled, which allows remote attackers to obtain sensitive information by reading this feed.

Remediation

References

CVE-2012-6105

Related Vulnerabilities

WordPress Plugin Clever Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (2.0.15)

Oracle HTTP Server CVE-2019-2751 Vulnerability (CVE-2019-2751)

WordPress Plugin Simple Download Monitor Multiple Cross-Site Scripting Vulnerabilities (3.9.4)

WordPress Plugin Skysa App Bar Integration 'submit' Parameter Cross-Site Scripting (1.03)

WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.25)

Severity

Medium

Classification

CVE-2012-6105 CWE-200

Tags

Missing Update Known Vulnerabilities