Description
help.php in Moodle before 1.6.2 does not check the existence of certain help files before including them, which might allow remote authenticated users to obtain the path in an error message.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-14540 Vulnerability (CVE-2020-14540)
Drupal Core 8.5.x Multiple Vulnerabilities (8.5.0 - 8.5.14)
WordPress Plugin iframe Cross-Site Scripting (3.0)
WordPress Plugin Improved Sale Badges for WooCommerce Security Bypass (4.3.2)
WordPress Plugin MathJax-LaTeX Cross-Site Request Forgery (1.1)