Moodle is vulnerable to information disclosures. The library places its session key in a string in the URL, allowing a malicious user to obtain this key and impersonate another user.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | le | 2.6.1 | |
moodle/moodle | le | 2.4.8 | |
moodle/moodle | le | 2.5.4 | |
moodle/moodle | le | 2.3.11 |