Moodle Exposure of Resource to Wrong Sphere Vulnerability - CVE-2023-28336 - Vulnerability Database

Moodle Exposure of Resource to Wrong Sphere Vulnerability - CVE-2023-28336

Medium

Reference: CVE-2023-28336

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-28336

Title: Moodle Exposure of Resource to Wrong Sphere Vulnerability

Overview:

Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.