Lucene search
GoogleOSV:GHSA-MMVJ-J7HQ-RX85HistoryMay 13, 2022 - 1:12 a.m.
Moodle sensitive information disclosure
2022-05-1301:12:49
Google
osv.dev
4
moodle
sensitive information
disclosure
version 2.6.11
2.7.x
2.7.11
2.8.x
2.8.9
2.9.x
2.9.3
capability
remote authenticated users
badge information
request
EPSS
0.001
Percentile
34.9%
Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not consider the moodle/badges:viewbadges capability, which allows remote authenticated users to obtain sensitive badge information via a request involving (1) badges/overview.php or (2) badges/view.php.
Related
veracode
veracode
Information Disclosure
2017-07-26 23:26:08
cve
cve
CVE-2015-5340
2016-02-22 05:59:18
nvd
nvd
CVE-2015-5340
2016-02-22 05:59:18
cvelist
cvelist
CVE-2015-5340
2016-02-22 02:00:00
ubuntucve
ubuntucve
CVE-2015-5340
2016-02-22 00:00:00
prion
prion
Design/Logic Flaw
2016-02-22 05:59:00
github
github
Moodle sensitive information disclosure
2022-05-13 01:12:49
nessus
nessus
Moodle < 2.7.11 / 2.8.x < 2.8.9 / 2.9.x < 2.9.3 Multiple Vulnerabilities
2016-04-08 00:00:00
Fedora 23 : moodle-2.9.3-1.fc23 (2015-98fc0d20ad)
2016-03-04 00:00:00
Fedora 22 : moodle-2.8.9-1.fc22 (2015-2ebdd4ad8f)
2016-03-04 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0464)
2015-12-08 00:00:00
Fedora Update for moodle FEDORA-2015-2
2015-12-12 00:00:00
mageia
mageia
Updated moodle packages fix security vulnerability
2015-12-05 13:03:58
fedora
fedora
[SECURITY] Fedora 22 Update: moodle-2.8.9-1.fc22
2015-12-12 01:55:37
[SECURITY] Fedora 23 Update: moodle-2.9.3-1.fc23
2015-12-11 23:57:23