moodle/moodle is vulnerable to information disclosure.The vulnerability exits in action_redir.php
due to improper access control which allows an attacker to gain access to information in the file system via insufficient capability checks.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | le | v3.11.2 | |
moodle/moodle | le | v3.9.9 | |
moodle/moodle | le | v3.10.6 | |
moodle/moodle | le | v3.11.2 | |
moodle/moodle | le | v3.9.9 | |
moodle/moodle | le | v3.10.6 |
bugzilla.redhat.com/show_bug.cgi?id=2043414
github.com/advisories/GHSA-wr6q-xv23-rfq9
github.com/moodle/moodle/commit/1dfb62cbabe31031453c47ae0a1753f1a57ee695
github.com/moodle/moodle/commit/a937101b0680340276ff50cbc40910dccfc806ab
github.com/moodle/moodle/commit/e09e5f427b8c5713c0b06ded2f7122c112a35f82
github.com/moodle/moodle/commit/ec4c5a0e352facc49e2c70d56a6a814af4ab28f6