Description
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to read activity entries of a different group's users via an advanced search.
Remediation
References
Related Vulnerabilities
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-9861)
WordPress Plugin Product Reviews Import Export for WooCommerce Cross-Site Request Forgery (1.3.2)
WordPress Plugin Visual Link Preview Security Bypass (2.2.2)
Oracle Database Server CVE-2006-3699 Vulnerability (CVE-2006-3699)
WordPress 2.8.3 Admin Password Reset Security Bypass Vulnerability (0.6.2 - 2.8.3)