Description
mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.
Remediation
References
Related Vulnerabilities
WordPress Plugin Vertical SlideShow Arbitrary File Upload (2.3)
WordPress Plugin Timesheet by BestWebSoft Cross-Site Scripting (0.1.4)
Apache HTTP Server Other Vulnerability (CVE-2000-1204)
WordPress Plugin Lara's Google Analytics Cross-Site Scripting (2.0.4)
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Security Bypass (3.0.7)