Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2013-1829 - Vulnerability Database
Moodle

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2013-1829

Medium
Reference: CVE-2013-1829
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-1829
Title: Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role.