Description

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature.

Remediation

References

CVE-2013-1835

Related Vulnerabilities

WordPress Plugin WP Quick FrontEnd Editor Multiple Vulnerabilities (5.5)

Squid Other Vulnerability (CVE-2016-4556)

OpenSSL CVE-2021-4160 Vulnerability (CVE-2021-4160)

WordPress Plugin Facebook Opengraph Meta 'all_meta.php' SQL Injection (1.0)

WordPress Plugin CigiCigi Post Guest Cross-Site Scripting (1.0.5)

Severity

Low

Classification

CVE-2013-1835 CWE-200

Tags

Missing Update Known Vulnerabilities