Description
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
Remediation
References
Related Vulnerabilities
Grafana Improper Authentication Vulnerability (CVE-2021-39226)
WordPress Plugin Per page add to head Cross-Site Request Forgery (1.4.3)
WordPress Plugin vSlider Multi Image Slider for WordPress Arbitrary File Upload (4.1.2)
WordPress Plugin Metronet Tag Manager Cross-Site Request Forgery (1.2.7)
WordPress Plugin vSlider Multi Image Slider for WordPress Multiple Vulnerabilities (4.1.2)