Description
A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
Remediation
References
Related Vulnerabilities
WordPress Plugin Page and Post Clone Information Disclosure (1.1)
WordPress Plugin AWSM Team-Team Showcase Local File Inclusion (1.3.1)
Drupal Core 9.0.x Information Disclosure (9.0.0 - 9.0.5)
TYPO3 Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-11063)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4549)