Moodle 2.4.10 / 2.5.6 / 2.6.3 / 2.7 Account Information Disclosure
https://www.osisecurity.com.au/moodle-url-manipulation-remote-account-information-disclosure.html Date: 04-Apr-2017 Product: Moodle Versions affected: 2.4.10, 2.5.6, 2.6.3, 2.7 and earlier. Vulnerability: Information disclosure. Example: /user/edit.php?id= reveals account owner name 1. Log in to...