PT-2014-3485 · Moodle · Moodle
Maria Torres
·
Publicado
2014-03-22
·
Atualizado
2022-05-13
·
CVE-2014-0124
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Moodle versions prior to 2.3.11
Moodle versions 2.4.x before 2.4.9
Moodle versions 2.5.x before 2.5.5
Moodle versions 2.6.x before 2.6.2
Description
The issue concerns the improper restriction of email address display in certain modules. Remote authenticated users can exploit this to obtain sensitive information by utilizing the Forum or Quiz module.
Recommendations
For versions prior to 2.3.11, update to version 2.3.11 or later.
For versions 2.4.x before 2.4.9, update to version 2.4.9 or later.
For versions 2.5.x before 2.5.5, update to version 2.5.5 or later.
For versions 2.6.x before 2.6.2, update to version 2.6.2 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Moodle