AI Score
Confidence
Low
EPSS
Percentile
41.4%
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to “Enrolled users” under the Users Settings section.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31923
openwall.com/lists/oss-security/2012/05/23/2