CVE-2012-0792
mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.
Date published : 2012-07-17
http://git.moodle.org/gw?p=moodle.git;a=commit;h=36b0ddeed45d0751508dcd9fa50f17fda43bae54