Description
The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows attackers to obtain user account information via unknown vectors.
Remediation
References
Related Vulnerabilities
Jenkins Cryptographic Issues Vulnerability (CVE-2014-2061)
WordPress Plugin HK Exif Tags Cross-Site Scripting (1.11)
PHP Numeric Errors Vulnerability (CVE-2016-4344)
OpenSSL Missing Encryption of Sensitive Data Vulnerability (CVE-2019-1563)
WordPress Plugin WP Inventory Manager Unspecified Vulnerability (1.8.1)