CVE-2023-28330 – Moodle: authenticated arbitrary file read through malformed backup file

https://notcve.org/view.php?id=CVE-2023-28330

23 Mar 2023 — Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default. • https://bugzilla.redhat.com/show_bug.cgi?id=2179412 • CWE-20: Improper Input Validation •