Description
Moodle 2.0.x before 2.0.3 does not recognize the configuration setting that makes e-mail addresses visible only to course members, which allows remote authenticated users to obtain sensitive address information by reading a full profile page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Contact Form Generator Multiple Cross-Site Request Forgery Vulnerabilities (2.1.86)
WordPress Plugin Seriously Simple Podcasting Cross-Site Scripting (1.9.4)
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-38161)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32566)