Описание
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | code not present |
| devel | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [code not present]] |
| precise/esm | DNE | |
| trusty | not-affected | code not present |
| trusty/esm | DNE | trusty was not-affected [code not present] |
| upstream | needs-triage | |
| xenial | not-affected | code not present |
| zesty | not-affected | code not present |
Показывать по
4 Medium
CVSS2
4.3 Medium
CVSS3
Связанные уязвимости
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
In Moodle 3.x, students can find out email addresses of other students ...
Moodle Exposure of Sensitive Information to an Unauthorized Actor
4 Medium
CVSS2
4.3 Medium
CVSS3