Description

mod/lesson/pagetypes/matching.php in Moodle through 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 allows remote authenticated users to obtain sensitive answer information by reading the HTML source code of a document.

Remediation

References

CVE-2013-2243

Related Vulnerabilities

WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Cross-Site Scripting (3.6.1)

WordPress Plugin WordPress Download Manager Multiple Vulnerabilities (3.1.24)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20520)

WordPress Plugin Survey Maker-Best WordPress Survey Unspecified Vulnerability (3.2.0)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8005)

Severity

Medium

Classification

CVE-2013-2243 CWE-200

Tags

Missing Update Known Vulnerabilities