Description
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No option existed to omit logs from data privacy exports, which may contain details of other users who interacted with the requester.
Remediation
References
Related Vulnerabilities
MySQL Incorrect Authorization Vulnerability (CVE-2025-50084)
WordPress Incorrect Authorization Vulnerability (CVE-2018-20147)
MySQL CVE-2016-5627 Vulnerability (CVE-2016-5627)
WordPress Plugin Booking Privilege Escalation (2.4)
Tornado Uncontrolled Resource Consumption Vulnerability (CVE-2025-67726)