Description

The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to discover the name of any user via a beep operation.

Remediation

References

CVE-2011-4304

Related Vulnerabilities

ColdFusion directory traversal

WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.5.10)

MySQL CVE-2024-20996 Vulnerability (CVE-2024-20996)

TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12648)

WordPress Plugin WooCommerce HTML Injection (6.5.1)

Severity

Medium

Classification

CVE-2011-4304 CWE-200

Tags

Missing Update Known Vulnerabilities