Lucene search
Veracode Vulnerability DatabaseVERACODE:22263HistoryJan 08, 2020 - 5:20 a.m.
Information Disclosure
2020-01-0805:20:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
EPSS
0.001
Percentile
32.6%
moodle/moodle is vulnerable to information disclosure. The tokens that are used to fetch inline attachments in email notifications are not disabled when the corresponding user account has been deactivated. A user with knowledge of file path and the token would be able to access the files which would otherwise be inaccessible.
Related
osv
osv
CVE-2019-14883
2020-03-18 13:15:12
Moodle Email media URL tokens were not checking for user status
2022-05-24 17:11:48
cve
cve
CVE-2019-14883
2020-03-18 13:15:12
ubuntucve
ubuntucve
CVE-2019-14883
2020-03-18 00:00:00
cvelist
cvelist
CVE-2019-14883
2020-03-18 12:16:16
openvas
openvas
Moodle 3.6.x < 3.6.7, 3.7.x < 3.7.3 Multiple Vulnerabilities
2019-11-20 00:00:00
symantec
symantec
Moodle CVE-2019-14883 Remote Security Vulnerability
2019-11-18 00:00:00
github
github
Moodle Email media URL tokens were not checking for user status
2022-05-24 17:11:48
prion
prion
Design/Logic Flaw
2020-03-18 13:15:00
nvd
nvd
CVE-2019-14883
2020-03-18 13:15:12