Description

The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to discover the name of any user via a beep operation.

Remediation

References

CVE-2011-4304

Related Vulnerabilities

Jenkins Passwords transmitted in plain text (CVE-2020-2251)

WordPress Plugin Video Player Unspecified Vulnerability (1.1.4)

WordPress Plugin Flight Search Widget and Blocks Cross-Site Scripting (1.1.0)

WordPress Plugin WP-Matomo (WP-Piwik) Cross-Site Scripting (1.0.10)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2079)

Severity

Medium

Classification

CVE-2011-4304 CWE-200

Tags

Missing Update Known Vulnerabilities