Vulnerability Details CVE-2012-2353
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.5%
CVSS Severity
CVSS v2 Score 4.0
References
Products affected by CVE-2012-2353
-
cpe:2.3:a:moodle:moodle:2.1.0
-
cpe:2.3:a:moodle:moodle:2.1.1
-
cpe:2.3:a:moodle:moodle:2.1.2
-
cpe:2.3:a:moodle:moodle:2.1.3
-
cpe:2.3:a:moodle:moodle:2.1.4
-
cpe:2.3:a:moodle:moodle:2.1.5
-
cpe:2.3:a:moodle:moodle:2.2.0
-
cpe:2.3:a:moodle:moodle:2.2.1
-
cpe:2.3:a:moodle:moodle:2.2.2