2 matches found
SUSE CVE-2017-15110
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students...
Information Disclosure
Moodle is vulnerable to information disclosure. The email addresses of all participants, regardless of email visibility, can be listed when a student uses the search function in the Participants page...