Description

Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors.

Remediation

References

CVE-2012-0793

Related Vulnerabilities

WordPress Plugin WordPress Comment Rating Cross-Site Scripting (1.5.3)

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0018)

WordPress Plugin Cool Video Gallery Cross-Site Request Forgery (1.8)

Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6531)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1432)

Severity

Medium

Classification

CVE-2012-0793 CWE-264

Tags

Missing Update Known Vulnerabilities