Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2013-4522 - Vulnerability Database
Moodle

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2013-4522

Medium
Reference: CVE-2013-4522
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-4522
Title: Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

lib/filelib.php in Moodle through 2.2.11 2.3.x before 2.3.10 2.4.x before 2.4.7 and 2.5.x before 2.5.3 does not send quotCache-Control: privatequot HTTP headers which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy server.