Moodle · Moodle · CVE-2012-2353
**Name of the Vulnerable Software and Affected Versions**
Moodle versions 2.1.x through 2.1.5
Moodle versions 2.2.x through 2.2.2
**Description**
The issue allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.
**Recommendations**
For Moodle versions 2.1.x through 2.1.5, update to version 2.1.6 or later.
For Moodle versions 2.2.x through 2.2.2, update to version 2.2.3 or later.