CVE-2017-15110 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-15110 Interim 1 3 2021-06-09T13:05:45Z current 2021-05-30T14:02:53Z 2021-06-09T13:05:45Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-15110 In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students. CVE-2017-15110 moderate 4 AV:N/AC:L/Au:S/C:P/I:N/A:N 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N