Description

Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 allows remote attackers to obtain the names of hidden forums and forum discussions.

Remediation

References

CVE-2016-3731

Related Vulnerabilities

Jenkins Improper Certificate Validation Vulnerability (CVE-2017-1000396)

Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0013)

WordPress Plugin Spectra-WordPress Gutenberg Blocks Cross-Site Scripting (1.14.11)

MySQL Improper Input Validation Vulnerability (CVE-2017-3273)

WordPress Plugin article2pdf Multiple Vulnerabilities (0.27)

Severity

Medium

Classification

CVE-2016-3731 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities