Description
mod/lesson/pagetypes/matching.php in Moodle through 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 allows remote authenticated users to obtain sensitive answer information by reading the HTML source code of a document.
Remediation
References
Related Vulnerabilities
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.6)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1454)
MySQL CVE-2012-3166 Vulnerability (CVE-2012-3166)
WordPress Plugin Rent-A-Car TimThumb Arbitrary File Upload (1.0)
WordPress Plugin Import and export users and customers CSV Injection (1.16.3.5)