Leon Stringer

**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined. **Description** The issue concerns permission checks in Feedback activities, where restrictions related to Separate Groups mode were not properly considered before allowing users to view or delete responses. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned. **Description** The issue concerns the site log report, which required additional encoding of event descriptions. This encoding is necessary to ensure that any HTML in the content is displayed in plaintext instead of being rendered. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moodle (affected versions not specified) **Description** The issue concerns the H5P attempts report in Separate Groups mode, where restrictions were not properly enforced, allowing the display of users from other groups. By default, this provided additional access to non-editing teachers. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moodle (affected versions not specified) **Description** The issue concerns Separate Groups mode restrictions not being honored during a forum export. This results in the export of forum data for all groups, providing non-editing teachers with additional access by default. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.