CVE-2024-25980
Msa-24-0003: h5p attempts report did not respect activity group settings
Separate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups. By default this only provided additional access to non-editing teachers.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
moodleQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80501https://bugzilla.redhat.com/show_bug.cgi?id=2264096https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/https://moodle.org/mod/forum/discuss.php?d=455636