Description
lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message.
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2007-2119)
MySQL CVE-2024-20963 Vulnerability (CVE-2024-20963)
Jenkins Incorrect Authorization Vulnerability (CVE-2020-2104)
Magento Improper Authorization Vulnerability (CVE-2020-24404)
Oracle Database Server CVE-2015-4796 Vulnerability (CVE-2015-4796)