Description

The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to discover the name of any user via a beep operation.

Remediation

References

CVE-2011-4304

Related Vulnerabilities

WordPress Plugin LinkedIn by BestWebSoft Cross-Site Scripting (1.0.4)

WordPress Plugin PWAMP PHP Object Injection (1.0.0)

WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.28)

WordPress Plugin My Category Order Cross-Site Scripting (4.3)

Nginx Improper Encoding or Escaping of Output Vulnerability (CVE-2013-4547)

Severity

Medium

Classification

CVE-2011-4304 CWE-200

Tags

Missing Update Known Vulnerabilities