Description
The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of other users.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2018-2618 Vulnerability (CVE-2018-2618)
MySQL CVE-2022-21297 Vulnerability (CVE-2022-21297)
WordPress Plugin Email newsletter 'option' Parameter Information Disclosure (8.0)
MySQL CVE-2019-2920 Vulnerability (CVE-2019-2920)
ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-1499)