Closed davefoord closed 2 months ago
Has anyone looked at this issue yet?
@davefoord please provide more details like steps to reproduce and screenshots.
A typical user in the system that has the role of 'authenticated user' should not be able to see the profiles of other users, unless they are connected in some way - e.g. the other user is a teacher on a course they are on.
So if the average user edits their own profile and saves, this will give them a URL that contains their user ID. If this user were to change that ID to other random numbers, they would be taken to the profiles of other users. In other themes, they won't actually see anything except for a pink warning box that says 'The details of this user are not available to you'. However, the Moove theme behaves differently, in that it shows that message but also shows a card containing the user's name and their picture (see attached screenshot).
It is the displaying of this card that is the problem, as it is a blatant privacy violation.
I tried to 'hide' it using CSS, but this also hides it in places where I want it to be shown - e.g. when a user views their own profile or I as an admin view a user's profile.
If you need any further information, then please let me know - I am really keen to help get this fixed, as I currently have 5 different sites that use the Moove theme.
So in this example, the user with ID 17501 has changed the URL in the profile to 9508, and in doing so can see the name and picture of user 9508 even though there is no connection between them.
I have just found (to my horror) that even if the permissions are set so an authenticated user cannot view other users' profiles, if they do try to visit someone else's profile, it still shows that user's name and picture (the other bits are hidden as expected) - this is obviously a complete violation of data privacy.
Can this be looked into please?
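The kind of gating the report asks for, as an added illustration that is not the Moove theme's own code: a hypothetical renderer helper `render_profile_card()` is assumed, and it reuses Moodle's `user_can_view_profile()` so the name/picture card is subject to the same visibility rule as the rest of the profile page.

```php
<?php
// Added illustration (not Moove's code): a profile-card helper that refuses to
// build the card unless the viewer is allowed to see the profile. The class,
// the method name and its placement in a theme renderer are assumptions.
defined('MOODLE_INTERNAL') || die();

class profile_card_example {
    /**
     * Return the card HTML, or an empty string when the viewer has no right to
     * see this profile. Moodle's user_can_view_profile() already encodes the
     * rules described in the report: own profile, a shared course, or a
     * capability such as the one admins hold.
     */
    public static function render_profile_card(int $userid): string {
        global $OUTPUT;

        $user = core_user::get_user($userid, '*', IGNORE_MISSING);
        if (!$user || $user->deleted) {
            return '';
        }

        // Key point: the check that hides the rest of the profile must also
        // guard the name/picture card. Without it, changing the id in the URL
        // still reveals who the user is, which is exactly the leak reported.
        if (!user_can_view_profile($user)) {
            return '';
        }

        $picture = $OUTPUT->user_picture($user, ['size' => 100]);
        $name = html_writer::tag('h4', s(fullname($user)));
        return html_writer::div($picture . $name, 'card profile-card');
    }
}
```

Rendering an empty string (rather than hiding the card with CSS, which also hides it on the viewer's own profile and for admins) keeps the data off the page entirely for viewers who fail the check.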