Description
mod/lesson/pagetypes/matching.php in Moodle through 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 allows remote authenticated users to obtain sensitive answer information by reading the HTML source code of a document.
Remediation
References
Related Vulnerabilities
IBM WebSEAL Improper Authentication Vulnerability (CVE-2018-1443)
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Security Bypass (1.7.29)
Undertow CVE-2022-4492 Vulnerability (CVE-2022-4492)
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-9591)