Description
The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to.
Remediation
References
Related Vulnerabilities
WordPress Plugin Let Them Unsubscribe Multiple Unspecified Vulnerabilities (1.0)
MySQL CVE-2014-6530 Vulnerability (CVE-2014-6530)
WordPress Plugin MyThemeShop Theme/Plugin Updater Cross-Site Scripting (1.2.3)
WordPress Plugin Wordpress Uninstall Cross-Site Request Forgery (1.2.1)
LimeSurvey Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-16174)