Description
The account-confirmation feature in login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote attackers to obtain sensitive full-name information by attempting to self-register.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-2921 Vulnerability (CVE-2020-2921)
WordPress Plugin Qyrr-simply and modern QR-Code creation Cross-Site Scripting (0.6)
Oracle Database Server CVE-2008-2607 Vulnerability (CVE-2008-2607)
WordPress Plugin WP-Stateless-Google Cloud Storage Remote Code Execution (2.2.0)
WordPress Plugin NextGEN Gallery-WordPress Gallery Local File Inclusion (2.1.56)