CVE-2023-28336, GHSA-prjm-2fj2-787f
packagist/moodle/moodle
Moodle may allow teachers to access the names of users they could not otherwise access
Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.
All versions before 3.9.20, all versions after 3.11.0 before 3.11.13, all versions starting from 4.0.0 before 4.0.7, all versions starting from 4.1.0 before 4.1.2
Upgrade to versions 3.9.20, 3.11.13, 4.0.7, 4.1.2 or above.
2023-03-24
source |