Roger

**Name of the Vulnerable Software and Affected Versions** twitch-tui versions prior to 2.4.1 **Description** The issue arises from the software's configuration of the IRC connection, which disables TLS, resulting in unencrypted communication to Twitch IRC servers. This allows communication, including auth tokens, to be sniffed. **Recommendations** For versions prior to 2.4.1, update to version 2.4.1 to resolve the issue. As a temporary workaround, consider configuring the IRC connection to enable TLS until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** Moodle versions 2.8.x through 2.8.10 Moodle versions 2.9.x through 2.9.4 Moodle versions 3.0.x through 3.0.2 **Description** The issue allows remote authenticated users to discover hidden course names by subscribing to a rule, due to the failure of the admin/tool/monitor/lib.php script in Event Monitor to consider the moodle/course:viewhiddencourses capability. **Recommendations** For Moodle versions 2.8.x through 2.8.10, update to version 2.8.11 or later. For Moodle versions 2.9.x through 2.9.4, update to version 2.9.5 or later. For Moodle versions 3.0.x through 3.0.2, update to version 3.0.3 or later.