Описание
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not consider "don't send" attributes during hub registration, which allows remote hubs to obtain sensitive site information by reading form data.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | DNE | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needed | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/focal | DNE |
Показывать по
10
EPSS
Процентиль: 63%
0.00464
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
nvd
около 12 лет назад
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not consider "don't send" attributes during hub registration, which allows remote hubs to obtain sensitive site information by reading form data.
debian
около 12 лет назад
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2. ...
github
около 3 лет назад
Moodle does not consider "don't send" attributes during hub registration
EPSS
Процентиль: 63%
0.00464
Низкий
4.3 Medium
CVSS2