6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-28334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authenticated users were able to enumerate other users' names via the learning plans page. CVE-2023-28334 Note that Nessus relies on the presence of the package...
Information Disclosure
moodle/moodle is vulnerable to Information Disclosure. The vulnerability exists because authenticated user privileges are not properly validated in pagehelper.php which allows an attacker to access sensitive information and enumerate other users names via the learning plans page...
CVE-2023-28334
Authenticated users were able to enumerate other users' names via the learning plans page...
CVE-2023-28334
Authenticated users were able to enumerate other users' names via the learning plans page...
UBUNTU-CVE-2023-28334
Authenticated users were able to enumerate other users' names via the learning plans page...
CVE-2023-28334 Moodle: users' name enumeration possible via idor on learning plans page
Authenticated users were able to enumerate other users' names via the learning plans page...