VYPR
Moderate severityOSV Advisory· Published Nov 9, 2023· Updated Aug 2, 2024

Moodle: auto-populated h5p author name causes a potential information leak

CVE-2023-5545

Description

H5P metadata automatically populated the author with the user's username, which could be sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
moodle/moodlePackagist
< 4.3.0-rc24.3.0-rc2

Affected products

3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.