← voltar
CVE-2013-1832

CVE-2013-1832

EPSS 1.1%
repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37681http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.htmlhttp://openwall.com/lists/oss-security/2013/03/25/2https://moodle.org/mod/forum/discuss.php?d=225343