Description
A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data.
Remediation
References
Related Vulnerabilities
WordPress Plugin Global Flash Galleries Cross-Site Scripting (0.13.4)
Liferay DXP Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43768)
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5469)
Moodle Improper Validation of Integrity Check Value Vulnerability (CVE-2012-1170)