Description
H5P metadata automatically populated the author with the user's username, which could be sensitive information.
Remediation
References
Related Vulnerabilities
b2evolution Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3709)
WordPress Plugin Ultimate Reviews PHP Object Injection (2.0.18)
WordPress Plugin Affiliates Multiple Cross-Site Scripting Vulnerabilities (2.13.1)
WordPress Plugin WooCommerce Cross-Site Request Forgery (2.2.2)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3732)