Information Disclosure Vulnerability in Moodle 2.0.x

Information Disclosure Vulnerability in Moodle 2.0.x

CVE-2011-4289 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Moodle 2.0.x before 2.0.3 does not recognize the configuration setting that makes e-mail addresses visible only to course members, which allows remote authenticated users to obtain sensitive address information by reading a full profile page.

Learn more about our User Device Pen Test.