Description
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
Remediation
References
Related Vulnerabilities
MySQL CVE-2023-22048 Vulnerability (CVE-2023-22048)
Oracle Database Server Improper Input Validation Vulnerability (CVE-2018-1000873)
SharePoint CVE-2024-38018 Vulnerability (CVE-2024-38018)
WordPress Plugin Login No Captcha reCAPTCHA Security Bypass (1.4.1)
WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Arbitrary File Upload (1.3.2)