Maria Torres

**Name of the Vulnerable Software and Affected Versions** Moodle versions prior to 2.3.11 Moodle versions 2.4.x before 2.4.9 Moodle versions 2.5.x before 2.5.5 Moodle versions 2.6.x before 2.6.2 **Description** The issue concerns the improper restriction of email address display in certain modules. Remote authenticated users can exploit this to obtain sensitive information by utilizing the Forum or Quiz module. **Recommendations** For versions prior to 2.3.11, update to version 2.3.11 or later. For versions 2.4.x before 2.4.9, update to version 2.4.9 or later. For versions 2.5.x before 2.5.5, update to version 2.5.5 or later. For versions 2.6.x before 2.6.2, update to version 2.6.2 or later.