Moodle · Moodle · CVE-2011-4279
**Name of the Vulnerable Software and Affected Versions**
Moodle versions 2.0.x through 2.0.1
**Description**
The issue makes it easier for remote attackers to obtain potentially sensitive information via vectors involving the use of a search engine. This is because the forceloginforprofiles setting is not used for course-profiles access control.
**Recommendations**
For Moodle versions 2.0.x through 2.0.1, update to version 2.0.2 or later to resolve the issue.