Description

A flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are not being excluded from the export, which could result in them unintentionally being leaked if the presets are shared with a third party.

Remediation

References

CVE-2024-43427

Related Vulnerabilities

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5876)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2228)

WordPress Plugin Top 10-Popular posts for WordPress Multiple Vulnerabilities (3.2.3)

MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-5131)

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2018-10237)

Severity

Low

Classification

CVE-2024-43427 CWE-922 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities