Information Disclosure Vulnerability in Moodle 2.1.x and 2.2.x

Information Disclosure Vulnerability in Moodle 2.1.x and 2.2.x

CVE-2012-2353 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.

Learn more about our User Device Pen Test.