Design/Logic Flaw

The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on...

PT-2012-2877 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.x through 2.0.6 Moodle versions 2.1.x through 2.1.3 Moodle versions 2.2.x through 2.2.0 Description: The form-autocompletion functionality makes it easier for physically proximate attackers to discover passwords by reading...