Description
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to
Remediation
References
Related Vulnerabilities
WordPress Plugin Restaurant Menu by MotoPress Cross-Site Scripting (2.4.1)
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.6.1)
GlassFish CVE-2017-10400 Vulnerability (CVE-2017-10400)
WordPress Plugin Zendesk Chat Cross-Site Scripting (1.2.5)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14831)