Description
Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Testimonial-Best Testimonial Slider Cross-Site Scripting (2.1.6)
PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-8823)
WordPress Plugin WordPress Download Manager Cross-Site Scripting (3.2.21)
PHP Other Vulnerability (CVE-2007-2369)
Oracle Database Server CVE-2013-3771 Vulnerability (CVE-2013-3771)