Topic: | mod/forum/user.php exploses user details |
Severity: | Minor |
Versions affected: | < 2.1.2, < 2.0.5, < 1.9.14 |
Reported by: | Rossiani Wijaya |
Issue no.: | MDL-28615 |
Solution: | upgrade to latest version |
Changes (master): | http://git.moodle.org/gw?p=moodle.git&a=search&s=MDL-28615 |
Description:
Users' names should only be displayed to other students in the same course or to administrators.
Note: this issue was resolved for Moodle 2.x. A fix for Moodle 1.9.x will be created separately.
(Updated by Michael de Raadt, original publication date: Tuesday, 18 October 2011, 12:23 PM)