Description
In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.
Remediation
References
Related Vulnerabilities
Magento Improper Authorization Vulnerability (CVE-2020-24405)
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-9851)
WordPress Plugin Stars Menu Cross-Site Scripting (1.0.1)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6613)
Oracle JRE Uncontrolled Resource Consumption Vulnerability (CVE-2026-34282)