Description
mod/lesson/pagetypes/matching.php in Moodle through 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 allows remote authenticated users to obtain sensitive answer information by reading the HTML source code of a document.
Remediation
References
Related Vulnerabilities
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8707)
Magento Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-8124)
MySQL CVE-2016-5437 Vulnerability (CVE-2016-5437)
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-3633)