Lucene search

K

Veracode Vulnerability DatabaseVERACODE:4705

HistoryJul 26, 2017 - 8:18 p.m.

E-mail Address Disclosure

2017-07-2620:18:05

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6

EPSS

0.002

Percentile

51.6%

Moodle is vulnerable to e-mail address disclosure. Moodle grants excessive authorization through the moodle/course:viewhiddenuserfields. Authenticated users can find student e-mail addresses using a teacher role and looking at the participants list.

References

git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52433

www.openwall.com/lists/oss-security/2016/03/21/1

www.securitytracker.com/id/1035333

moodle.org/mod/forum/discuss.php?d=330173

EPSS

0.002

Percentile

51.6%

Related for VERACODE:4705

prion1 nvd1 cvelist1 osv1 github1 ubuntucve1 cve1 fedora3 nessus5 freebsd1 openvas3 mageia1