CVE-2009-4302

UNKNOWNCVSS 0.0

0.0

login/index_form.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 links to an index page on the HTTP port even when the page is served from an HTTPS port, which might cause login credentials to be sent in cleartext, even when SSL is intended, and allows remote attackers to obtain these credentials by sniffing.

🔗 References (18)

cve@mitrehttp://docs.moodle.org/en/Moodle_1.8.11_release_notes
cve@mitrehttp://docs.moodle.org/en/Moodle_1.9.7_release_notes
cve@mitrehttp://moodle.org/mod/forum/discuss.php?d=139107
cve@mitrehttp://secunia.com/advisories/37614
cve@mitrehttp://www.securityfocus.com/bid/37244
cve@mitrehttp://www.vupen.com/english/advisories/2009/3455
cve@mitrehttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.html
cve@mitrehttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.html
cve@mitrehttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.html
af854a3a-2127-422b-91ae-364da2661108http://docs.moodle.org/en/Moodle_1.8.11_release_notes
af854a3a-2127-422b-91ae-364da2661108http://docs.moodle.org/en/Moodle_1.9.7_release_notes
af854a3a-2127-422b-91ae-364da2661108http://moodle.org/mod/forum/discuss.php?d=139107
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37614
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/37244
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/3455

Is Your Infrastructure Affected by CVE-2009-4302?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-4302

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-4302?