Recent CVEs
CVE-2024-25980
Separate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups. By default this only provided additional access to non-editing teachers.
UNKNOWN
Feb 19, 2024
CVE-2023-5545
H5P metadata automatically populated the author with the user's username, which could be sensitive information.
UNKNOWN
Nov 09, 2023