Description

Moodle 2.0.x before 2.0.2 allows remote attackers to obtain sensitive information from a myprofile (aka My profile) block by visiting a user-context page.

Remediation

References

CVE-2011-4284

Related Vulnerabilities

WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Unspecified Vulnerability (1.53)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18098)

WordPress Plugin AJAX Comment Page Cross-Site Scripting (3.25)

WordPress Plugin Blue Wrench Video Widget Cross-Site Scripting (2.1.0)

WordPress Plugin WP-Lister Lite for eBay Cross-Site Scripting (2.0.8.3)

Severity

Medium

Classification

CVE-2011-4284 CWE-200

Tags

Missing Update Known Vulnerabilities