Description
In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.
Remediation
References
Related Vulnerabilities
MongoDb Improper Handling of Exceptional Conditions Vulnerability (CVE-2020-7923)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8623)
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15080)
XWiki Other Vulnerability (CVE-2022-41935)
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)