Description

Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page.

Remediation

References

CVE-2012-0799

Related Vulnerabilities

MySQL CVE-2019-2626 Vulnerability (CVE-2019-2626)

WordPress Plugin W3 Total Cache Multiple Vulnerabilities (0.9.4.1)

Sqlite Incorrect Conversion between Numeric Types Vulnerability (CVE-2019-19317)

Apache Tomcat version older than 7.0.32

CubeCart Improper Input Validation Vulnerability (CVE-2013-1465)

Severity

Medium

Classification

CVE-2012-0799 CWE-200

Tags

Missing Update Known Vulnerabilities