The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) using a screen reader or (2) reading the HTML source.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2014-05-26 17:55
Updated : 2020-12-01 06:52
NVD link : CVE-2014-0215
Mitre link : CVE-2014-0215
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
moodle
- moodle