CVE-2017-2642by Jeremyin Security Bulletinson Posted on July 17, 2017 Moodle 3.x has user fullname disclosure on the user preferences page.