When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.
Authentication Bypass
Moodle
Extra Packages For Enterprise Linux
Fedora
NVD
CVSS 3.1
3.3
EPSS
0.2%
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Information Disclosure
Moodle
Extra Packages For Enterprise Linux
Fedora
NVD
CVSS 3.1
3.3
EPSS
0.3%