Moodle is vulnerable to a Information Exposure Through Misconfigured Permissions. The vulnerability is due to misconfiguration in a shared hosting environment, allowing a user with access to restore feedback modules and direct access to the web server outside of the Moodle webroot to execute a local file include.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | le | v4.3.3 | |
moodle/moodle | le | v4.1.9 | |
moodle/moodle | le | v4.2.6 | |
moodle/moodle | le | v4.3.3 | |
moodle/moodle | le | v4.1.9 | |
moodle/moodle | le | v4.2.6 |