CVE-2013-1832

repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.

Published: Mar 25, 2013
Updated: Nov 9, 2025
CVE: CVE-2013-1832
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
moodle / moodle	2.0.2	2.0.2.x
moodle / moodle	2.0.1	2.0.1.x
moodle / moodle	2.1.2	2.1.2.x
moodle / moodle	2.0.4	2.0.4.x
moodle / moodle	2.1.10	2.1.10.x
moodle / moodle	2.1.8	2.1.8.x
moodle / moodle	2.1.9	2.1.9.x
moodle / moodle	2.0.3	2.0.3.x
moodle / moodle	2.1.1	2.1.1.x
moodle / moodle	2.1.5	2.1.5.x
moodle / moodle	2.1.6	2.1.6.x
moodle / moodle	2.0.6	2.0.6.x
moodle / moodle	2.0.5	2.0.5.x
moodle / moodle	2.1.3	2.1.3.x
moodle / moodle	2.0.9	2.0.9.x
moodle / moodle	2.0.8	2.0.8.x
moodle / moodle	2.1.7	2.1.7.x
moodle / moodle	2.0.7	2.0.7.x
moodle / moodle	2.1.4	2.1.4.x
moodle / moodle	2.0.0	2.0.0.x
moodle / moodle	2.1.0	2.1.0.x
moodle / moodle	2.2.2	2.2.2.x
moodle / moodle	2.2.6	2.2.6.x
moodle / moodle	2.2.1	2.2.1.x
moodle / moodle	2.2.7	2.2.7.x
moodle / moodle	2.2.3	2.2.3.x
moodle / moodle	2.2.5	2.2.5.x
moodle / moodle	2.2.4	2.2.4.x
moodle / moodle	2.2.0	2.2.0.x
moodle / moodle	2.3.4	2.3.4.x
moodle / moodle	2.3.1	2.3.1.x
moodle / moodle	2.3.3	2.3.3.x
moodle / moodle	2.3.2	2.3.2.x
moodle / moodle	2.3.0	2.3.0.x
moodle / moodle	2.4.1	2.4.1.x
moodle / moodle	2.4.0	2.4.0.x

Vulnerability Database

314,343

CVE-2013-1832

Deep Security Visibility Without the Complexity