Strifel

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.10 to 3.10.3 **Description** The issue is related to insufficient input validation in the virtual learning environment. It may allow a remote attacker to gain unauthorized access to protected information. The last time a user accessed the mobile app is displayed on their profile page, but this information should be restricted to users with the relevant capability, such as site administrators by default. **Recommendations** For Moodle versions 3.10 to 3.10.3, restrict access to the user profile page information about the last time a user accessed the mobile app to users with the relevant capability, such as site administrators by default.