Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.
{ "severity": "Medium", "cpes": [ "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*" ] }