QwikSec

Security Database

CVE

CWE

Training

CVE-2012-0800

Published: Jul 17, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on an iPad device.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://moodle.org/mod/forum/discuss.php?d=194019

x_refsource_CONFIRM

http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=6e9989dbd3f261b2e1586ff77b0bf22fc7091485

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=783532

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.