What the vulnerability does

01Description

A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.

Key dates

02Disclosure timeline

January 25, 2022 CVE published
August 2, 2024 Record updated