WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1832)

Description

repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.

Remediation

References

Related Vulnerabilities

MyBB Improper Access Control Vulnerability (CVE-2015-8973)

Plone CMS Improper Input Validation Vulnerability (CVE-2013-4195)

WebLogic CVE-2019-2398 Vulnerability (CVE-2019-2398)

MySQL CVE-2019-2693 Vulnerability (CVE-2019-2693)

MySQL CVE-2019-2580 Vulnerability (CVE-2019-2580)

Severity

Medium

Classification

CVE-2013-1832 CWE-200

Tags

Missing Update Known Vulnerabilities