Information Disclosure Vulnerability in Moodle Gradebook Overview Report
CVE-2013-2080 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly consider the existence of hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role and reading the Gradebook Overview report.
Learn more about our User Device Pen Test.