CVE-2013-1832
N/A
N/A
Summary
repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://moodle.org/mod/forum/discuss.php?d=225343
- http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
- http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37681
- http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
- http://openwall.com/lists/oss-security/2013/03/25/2
References
- https://moodle.org/mod/forum/discuss.php?d=225343
- http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
- http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37681
- http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
- http://openwall.com/lists/oss-security/2013/03/25/2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.