Description

Moodle 3.x has user fullname disclosure on the user preferences page.

Remediation

References

CVE-2017-2642

Related Vulnerabilities

WordPress Other Vulnerability (CVE-2007-0233)

MySQL CVE-2020-14672 Vulnerability (CVE-2020-14672)

WordPress Plugin Telefication Server-Side Request Forgery (1.8.0)

SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1860)

WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (3.5.3)

Severity

Medium

Classification

CVE-2017-2642 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities