CVE-2017-15110

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-15110

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15110.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-15110

Aliases

GHSA-rjh8-w8jg-xwq5

Published

2017-11-20T14:29:00Z

Modified

2024-09-03T01:46:28.408245Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type: GIT
Repo: https://github.com/moodle/moodle
Events: Introduced

268abfacc54c4cbf9722c1502569b311c7caefff

Last affected

25fd679aafe60922261dee4a3e24c7b3ef4f2ae7

Introduced

b87a580aa3eb23d5f05d7f619fc40a89e0f86fe5

Last affected

3d77676d51dd9bf54b4ab4f9515c1b90c90de355

Introduced

b182239f21c38ea57cddb41b0c03ef3eb02709f8

Last affected

9146c518ece7c6b6623a9eb7a35aa174a6f1545b

Affected versions

v3.*

v3.1.0

v3.1.1

v3.1.2

v3.1.3

v3.1.4

v3.1.5

v3.1.6

v3.1.7

v3.1.8

v3.2.0

v3.2.0-beta

v3.2.0-rc1

v3.2.0-rc2

v3.2.0-rc3

v3.2.0-rc4

v3.2.0-rc5

v3.2.1

v3.2.2

v3.2.3

v3.2.4

v3.2.5

v3.3.0

v3.3.0-beta

v3.3.0-rc1

v3.3.0-rc2

v3.3.0-rc3

v3.3.1

v3.3.2