Information Disclosure Vulnerability in Moodle's External Repositories

Information Disclosure Vulnerability in Moodle's External Repositories

CVE-2013-1835 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature.

Learn more about our External Network Penetration Testing.