Arbitrary User Account Profile Image Disclosure in Moodle

Arbitrary User Account Profile Image Disclosure in Moodle

CVE-2012-0793 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors.

Learn more about our User Device Pen Test.