Description
Moodle 2.0.x before 2.0.3 does not recognize the configuration setting that makes e-mail addresses visible only to course members, which allows remote authenticated users to obtain sensitive address information by reading a full profile page.
Remediation
References
Related Vulnerabilities
PleskLin Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-43784)
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12528)
SharePoint CVE-2021-1726 Vulnerability (CVE-2021-1726)
WordPress Plugin WooCommerce PDF Invoice Bulk Download Cross-Site Scripting (1.0.0)
ClipBucket Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3717)