Description

repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.

Remediation

References

CVE-2013-1832

Related Vulnerabilities

MySQL CVE-2016-0598 Vulnerability (CVE-2016-0598)

Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-25277)

Squid Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-28652)

WordPress Plugin Theme Check Cross-Site Request Forgery (20190208.1)

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3472)

Severity

Medium

Classification

CVE-2013-1832 CWE-200

Tags

Missing Update Known Vulnerabilities