CVE-2017-15110

Summary

In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.

Affected Software

VendorProductVersion RangeStatus
n/aMoodle 3.xMoodle 3.xaffected

Weaknesses

  • improper access control

ADP Enrichment

CVE Program Container

Additional References

References