6 matches found
Moodle 3.x Information Disclosure Vulnerability (Nov 2017) - Linux
Students can find out email addresses of other students in the same course. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Fedora 27 : moodle (2017-612d3e009f)
Fix for CVE-2017-15110. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 25 : moodle (2017-e40e02e0dd)
Fix for CVE-2017-15110. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 26 : moodle (2017-475529a26a)
Fix for CVE-2017-15110. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
CVE-2017-15110
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students...
CVE-2017-15110
Moodle 3.x exposes student emails through the Participants search: an information disclosure where emails of all course participants could be enumerated regardless of email visibility. This requires pattern in Moodle installations to be vulnerable; the root cause is improper visibility control on...