CVE-2006-4937

Name of the Vulnerable Software and Affected Versions Moodle versions prior to 1.6.2

Description The issue allows remote authenticated users to potentially obtain sensitive information by triggering warning messages. This is due to the error reporting level being set to display E WARNING messages to users, even when debugging is disabled.

Recommendations For versions prior to 1.6.2, update to version 1.6.2 or later to resolve the issue. As a temporary workaround, consider modifying the error reporting level in lib/setup.php to prevent the display of E WARNING messages to users.