Lucene search
Veracode Vulnerability DatabaseVERACODE:4514HistoryJul 03, 2017 - 6:25 p.m.
Information Disclosure
2017-07-0318:25:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
EPSS
0.006
Percentile
78.5%
Moodle is vulnerable to information disclosure attacks. When viewing comments on a blog post, there is no verification of viewing permissions. This allows attackers to read the comments that can potentially contain sensitive information.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37245
lists.fedoraproject.org/pipermail/package-announce/2013-May/106965.html
lists.fedoraproject.org/pipermail/package-announce/2013-May/106988.html
lists.fedoraproject.org/pipermail/package-announce/2013-May/107026.html
openwall.com/lists/oss-security/2013/05/21/1
moodle.org/mod/forum/discuss.php?d=228934
Related
ubuntucve
ubuntucve
CVE-2013-2082
2013-05-25 00:00:00
cvelist
cvelist
CVE-2013-2082
2013-05-25 01:00:00
nvd
nvd
CVE-2013-2082
2013-05-25 03:18:15
cve
cve
CVE-2013-2082
2013-05-25 03:18:15
github
github
Moodle does not enforce capability requirements for reading blog comments
2022-05-13 01:12:59
osv
osv
Moodle does not enforce capability requirements for reading blog comments
2022-05-13 01:12:59
prion
prion
Cross site request forgery (csrf)
2013-05-25 03:18:00
mageia
mageia
Updated moodle package fix security vulnerabilities
2013-06-06 16:24:33
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0162)
2022-01-28 00:00:00
Fedora Update for moodle FEDORA-2013-8702
2013-05-31 00:00:00
Fedora Update for moodle FEDORA-2013-8692
2013-05-31 00:00:00
nessus
nessus
Fedora 19 : moodle-2.4.4-1.fc19 (2013-8668)
2013-05-29 00:00:00
Fedora 18 : moodle-2.3.7-1.fc18 (2013-8702)
2013-05-29 00:00:00
Fedora 17 : moodle-2.2.10-1.fc17 (2013-8692)
2013-05-29 00:00:00