Description
Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle user/action_redir group messages, which allows remote authenticated users to discover e-mail addresses by visiting the messaging interface.
Remediation
References
Related Vulnerabilities
WordPress Plugin Backup Migration Cross-Site Scripting (1.1.5)
WordPress Plugin Velvet Blues Update URLs Unspecified Vulnerability (2.1)
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047)
WordPress Plugin Responsive Menu-Create Mobile-Friendly Menu Multiple Vulnerabilities (3.1.3)