Description
Moodle 2.0.x before 2.0.3 does not recognize the configuration setting that makes e-mail addresses visible only to course members, which allows remote authenticated users to obtain sensitive address information by reading a full profile page.
Remediation
References
Related Vulnerabilities
PHP Numeric Errors Vulnerability (CVE-2011-1471)
ProjectSend Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2018-7201)
WordPress Plugin Premium Addons for Elementor Security Bypass (4.5.1)
WordPress Plugin GA Universal Cross-Site Request Forgery (1.0)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.8.7)