The form-autocompletion functionality in Moodle 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 makes it easier for physically proximate malicious users to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on an iPad device.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle 2.0.2 |
||
moodle moodle 2.0.1 |
||
moodle moodle 2.1.2 |
||
moodle moodle 2.0.4 |
||
moodle moodle 2.0.3 |
||
moodle moodle 2.1.1 |
||
moodle moodle 2.0.6 |
||
moodle moodle 2.0.5 |
||
moodle moodle 2.1.3 |
||
moodle moodle 2.0.0 |
||
moodle moodle 2.1.0 |
||
moodle moodle 2.2.0 |