WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7531)

Description

In Moodle 3.3, the course overview block reveals activities in hidden courses.

Remediation

References

Related Vulnerabilities

MySQL CVE-2012-5096 Vulnerability (CVE-2012-5096)

OpenSSL Improper Input Validation Vulnerability (CVE-2010-0740)

MediaWiki Improper Authentication Vulnerability (CVE-2011-1766)

WordPress Plugin myCred-Points, Rewards, Gamification, Ranks, Badges & Loyalty Cross-Site Scripting (2.3.2)

WordPress Plugin WP eCommerce 'wpsc-transaction_results_functions.php' SQL Injection (3.8.7.5)

Severity

Medium

Classification

CVE-2017-7531 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities