CVE-2024-25980 Information

Description

Separate Groups mode restrictions were not honored in the H5P attempts report which would display users from other groups. By default this only provided additional access to non-editing teachers.

Reference

http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80501 https://bugzilla.redhat.com/show_bug.cgi?id=2264096 https://moodle.org/mod/forum/discuss.php?d=455636