Description

mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.

Remediation

References

CVE-2012-0792

Related Vulnerabilities

MySQL CVE-2015-0507 Vulnerability (CVE-2015-0507)

OpenVPN AS Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2020-36382)

WordPress Plugin DiveBook Multiple Vulnerabilities (1.1.4)

Nginx Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-3896)

WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Cross-Site Scripting (3.9.1)

Severity

Medium

Classification

CVE-2012-0792 CWE-200

Tags

Missing Update Known Vulnerabilities