Description

Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle user/action_redir group messages, which allows remote authenticated users to discover e-mail addresses by visiting the messaging interface.

Remediation

References

CVE-2011-4593

Related Vulnerabilities

SharePoint Other Vulnerability (CVE-2014-6357)

PHP CVE-2007-5898 Vulnerability (CVE-2007-5898)

WordPress Plugin WP-Forum Multiple SQL Injection Vulnerabilities (1.7.8)

ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-7666)

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4590)

Severity

Medium

Classification

CVE-2011-4593 CWE-200

Tags

Missing Update Known Vulnerabilities