Description

mod/lesson/pagetypes/matching.php in Moodle through 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 allows remote authenticated users to obtain sensitive answer information by reading the HTML source code of a document.

Remediation

References

CVE-2013-2243

Related Vulnerabilities

PHP Use After Free Vulnerability (CVE-2014-3622)

WordPress Plugin Gallery-Photo Albums-Portfolio Multiple Cross-Site Request Forgery Vulnerabilities (1.2.59)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7881)

PleskWin Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-43784)

WordPress Plugin Dokan-Best WooCommerce Multivendor Marketplace Solution-Build Your Own Amazon, eBay, Etsy Cross-Site Request Forgery (3.0.8)

Severity

Medium

Classification

CVE-2013-2243 CWE-200

Tags

Missing Update Known Vulnerabilities