Description

Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors.

Remediation

References

CVE-2012-0793

Related Vulnerabilities

PostgreSQL Improper Access Control Vulnerability (CVE-2019-10128)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1999005)

WordPress Plugin Loginizer Cross-Site Scripting (1.3.9)

WordPress Improper Input Validation Vulnerability (CVE-2020-26596)

WordPress Plugin Query Interface Security Bypass (1.1)

Severity

Medium

Classification

CVE-2012-0793 CWE-264

Tags

Missing Update Known Vulnerabilities