Moodle is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. The vulnerability is due to misconfiguration in a shared hosting environment, allowing a user with access to restore workshop modules and direct access to the web server outside of the Moodle webroot to execute a local file include.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | le | v4.3.3 | |
moodle/moodle | le | v4.1.9 | |
moodle/moodle | le | v4.2.6 | |
moodle/moodle | le | v4.3.3 | |
moodle/moodle | le | v4.1.9 | |
moodle/moodle | le | v4.2.6 |