Description In Moodle 2.x and 3.x, the question engine allows access to files that should not be available. Remediation References CVE-2016-8642 Related Vulnerabilities WordPress Plugin WordPress Easy Custom Js And Css Cross-Site Scripting (1.1.2) WordPress Plugin Alert Before Your Post Cross-Site Scripting (0.1.1) MongoDb Out-of-bounds Write Vulnerability (CVE-2021-32040) WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Multiple Cross-Site Scripting Vulnerabilities (2.1.27) WordPress Other Vulnerability (CVE-2007-0233) Severity Medium Classification CVE-2016-8642 CWE-284 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities