CVE-2023-5545

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions H5P (affected versions not specified)

Description The issue concerns H5P metadata automatically populating the author field with the user's username, potentially exposing sensitive information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exposure of Resource to Wrong Sphere

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-668CWE-200

Related Identifiers

BIT-MOODLE-2023-5545

CVE-2023-5545

GHSA-26FG-V32R-H663

Affected Products

H5P

CVE-2023-5545

Weakness Enumeration

Related Identifiers

Affected Products

References · 14