Description

The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to discover the name of any user via a beep operation.

Remediation

References

CVE-2011-4304

Related Vulnerabilities

WordPress Plugin WordPress File Upload Arbitrary File Upload (3.8.5)

WordPress Plugin Polldaddy Polls & Ratings Cross-Site Scripting (2.0.24)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2242)

Moodle CVE-2018-1081 Vulnerability (CVE-2018-1081)

Oracle Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2001-1371)

Severity

Medium

Classification

CVE-2011-4304 CWE-200

Tags

Missing Update Known Vulnerabilities