Medium severity4.3NVD Advisory· Published Nov 20, 2017· Updated May 13, 2026
CVE-2017-15110
CVE-2017-15110
Description
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 3.1, < 3.1.9 | 3.1.9 |
moodle/moodlePackagist | >= 3.2, < 3.2.6 | 3.2.6 |
moodle/moodlePackagist | >= 3.3, < 3.3.3 | 3.3.3 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.securityfocus.com/bid/101909nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-rjh8-w8jg-xwq5ghsaADVISORY
- moodle.org/mod/forum/discuss.phpnvdIssue TrackingMitigationVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2017-15110ghsaADVISORY
News mentions
0No linked articles in our index yet.