Description Moodle 3.x has user fullname disclosure on the user preferences page. Remediation References CVE-2017-2642 Related Vulnerabilities Apache HTTP Server Other Vulnerability (CVE-2006-5752) TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23494) WordPress Plugin iThemes Exchange:Simple WP Ecommerce Remote Code Execution (1.14.0) ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9455) WordPress Plugin Easy Accept Payments for PayPal Cross-Site Scripting (4.9.9) Severity Medium Classification CVE-2017-2642 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Tags Missing Update Known Vulnerabilities