Description

mod/lesson/pagetypes/matching.php in Moodle through 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 allows remote authenticated users to obtain sensitive answer information by reading the HTML source code of a document.

Remediation

References

CVE-2013-2243

Related Vulnerabilities

IBM WebSEAL Improper Authentication Vulnerability (CVE-2018-1443)

WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Security Bypass (1.7.29)

Undertow CVE-2022-4492 Vulnerability (CVE-2022-4492)

WordPress Plugin Optimize images ALT Text (alt tag) & names for SEO using AI Cross-Site Request Forgery (2.0.7)

Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-9591)

Severity

Medium

Classification

CVE-2013-2243 CWE-200

Tags

Missing Update Known Vulnerabilities