Description
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Quick FrontEnd Editor Multiple Vulnerabilities (5.5)
Squid Other Vulnerability (CVE-2016-4556)
OpenSSL CVE-2021-4160 Vulnerability (CVE-2021-4160)
WordPress Plugin Facebook Opengraph Meta 'all_meta.php' SQL Injection (1.0)
WordPress Plugin CigiCigi Post Guest Cross-Site Scripting (1.0.5)