Description

mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.

Remediation

References

CVE-2012-0792

Related Vulnerabilities

WordPress Plugin Cache-Control Unspecified Vulnerability (2.2.3)

Microsoft SQL Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5090)

WordPress Plugin Slick Popup:Contact Form 7 Popup Privilege Escalation (1.7.1)

ownCloud Improper Input Validation Vulnerability (CVE-2013-1939)

jPlayer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2023)

Severity

Medium

Classification

CVE-2012-0792 CWE-200

Tags

Missing Update Known Vulnerabilities