Description
lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if debugging is disabled, which might allow remote authenticated users to obtain sensitive information by triggering the messages.
Remediation
References
Related Vulnerabilities
WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (6.7.6)
Resin Application Server Other Vulnerability (CVE-2012-2967)
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-7936)
SharePoint CVE-2020-1444 Vulnerability (CVE-2020-1444)
WordPress Plugin PowerPress Podcasting by Blubrry Malicious Code (11.9.4)