Design/Logic Flaw

Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle user/actionredir group messages, which allows remote authenticated users to discover e-mail addresses by visiting the messaging interface...

PT-2012-1925 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 1.9.x through 1.9.14 Moodle versions 2.0.x through 2.0.5 Moodle versions 2.1.x through 2.1.2 Description: The issue arises from improper handling of user/action redir group messages, allowing remote authenticated users to...