← back
CVE-2017-15110

CVE-2017-15110

EPSS 1.2%
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
Affected products
n/a · Moodle 3.x

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://moodle.org/mod/forum/discuss.php?d=361784http://www.securityfocus.com/bid/101909