Description

Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with (1) disabled services and (2) users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens.

Remediation

References

CVE-2011-4583

Related Vulnerabilities

GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3314)

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Open Redirect (4.4.1)

WordPress Plugin Usernoise modal feedback/contact form Cross-Site Scripting (3.7.8)

PHP Numeric Errors Vulnerability (CVE-2010-4699)

MySQL CVE-2021-35622 Vulnerability (CVE-2021-35622)

Severity

Medium

Classification

CVE-2011-4583 CWE-264

Tags

Missing Update Known Vulnerabilities