Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12157)

Description

In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.

Remediation

References

Related Vulnerabilities

WordPress Plugin WooCommerce Customers Manager Multiple Vulnerabilities (26.5)

Craft CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-68436)

MySQL CVE-2020-14765 Vulnerability (CVE-2020-14765)

WordPress Plugin DethemeKit For Elementor Multiple Cross-Site Scripting Vulnerabilities (1.5.5.4)

phpMyAdmin Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2016-6631)

Severity

Medium

Classification

CVE-2017-12157 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities