2 matches found
UBUNTU-CVE-2025-3640
A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission to access...
GHSA-3QG4-2FCM-C8F9 Moodle does not recogniz configuration setting that makes e-mail addresses visible only to course members
Moodle 2.0.x before 2.0.3 does not recognize the configuration setting that makes e-mail addresses visible only to course members, which allows remote authenticated users to obtain sensitive address information by reading a full profile page...