An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.
The product inappropriately exposes a directory listing with an index of all the resources located inside of the directory.