Description
Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.
Remediation
References
Related Vulnerabilities
WordPress Plugin Revive Old Post-Auto Post to Social Media 'cat' Parameter SQL Injection (3.2.5)
ReviveAdserver Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7371)
WordPress Plugin All-in-One Event Calendar Multiple Cross-Site Scripting Vulnerabilities (1.5)