Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities.
2025-02-24T20:15:33.263
2025-08-08T19:40:46.433
Analyzed
CVSSv3.1: 6.5 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | moodle | moodle | < 4.1.16 | Yes |
| Application | moodle | moodle | < 4.3.10 | Yes |
| Application | moodle | moodle | < 4.4.6 | Yes |
| Application | moodle | moodle | < 4.5.2 | Yes |