Lucene search
Veracode Vulnerability DatabaseVERACODE:4704HistoryJul 26, 2017 - 7:53 p.m.
Course Name Disclosure
2017-07-2619:53:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.002
Percentile
51.6%
Moodle is vulnerable to course name disclosure. Authenticated attackers can leverage a flaw in admin/tool/monitor/lib.php to find hidden course names by subscribing to rules. These attacks are possible because moodle ignores the moodle/course:viewhiddencourses capability.
Related
cve
cve
CVE-2016-2154
2016-05-22 20:59:03
nvd
nvd
CVE-2016-2154
2016-05-22 20:59:03
github
github
Moodle allows attackers to discover hidden course names
2022-05-13 01:12:38
ubuntucve
ubuntucve
CVE-2016-2154
2016-05-22 00:00:00
osv
osv
Moodle allows attackers to discover hidden course names
2022-05-13 01:12:38
prion
prion
Design/Logic Flaw
2016-05-22 20:59:00
cvelist
cvelist
CVE-2016-2154
2016-05-22 20:00:00
nessus
nessus
Fedora 22 : moodle-2.8.11-1.fc22 (2016-b91d895e5a)
2016-04-01 00:00:00
Fedora 24 : moodle-3.0.3-1.fc24 (2016-9b591e1952)
2016-03-28 00:00:00
openvas
openvas
Fedora Update for moodle FEDORA-2016-403715
2016-04-11 00:00:00
Fedora Update for moodle FEDORA-2016-9
2016-04-11 00:00:00
Mageia: Security Advisory (MGASA-2016-0122)
2016-03-31 00:00:00
mageia
mageia
Updated moodle packages fix security vulnerability
2016-03-25 09:38:37
freebsd
freebsd
moodle -- multiple vulnerabilities
2016-03-21 00:00:00