Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4304)

Description

The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to discover the name of any user via a beep operation.

Remediation

References

CVE-2011-4304

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2355)

Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20901)

IBM WebSEAL Session Fixation Vulnerability (CVE-2018-1804)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2266)

phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-6045)

Severity

Medium

Classification

CVE-2011-4304 CWE-200

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities