Description

Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page.

Remediation

References

CVE-2012-0799

Related Vulnerabilities

WordPress Plugin Sidebar Adder 2 Cross-Site Scripting (2.0.0)

Microsoft SQL Server Elevation of Privilege Vulnerability (CVE-2021-1636)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31804)

WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-9066)

WordPress Plugin Quttera Web Malware Scanner Security Bypass (3.0.8.65)

Severity

Medium

Classification

CVE-2012-0799 CWE-200

Tags

Missing Update Known Vulnerabilities