H5P metadata automatically populated the author with the user's username, which could be sensitive information. The flaw affects versions 4.2 to 4.2.2, 4.1 to 4.1.5, 4.0 to 4.0.10, 3.11 to 3.11.16, 3.9 to 3.9.23 and earlier unsupported versions.
https://moodle.org/mod/forum/discuss.php?d=451586
Created moodle tracking bugs for this issue: Affects: epel-7 [bug 2244908] Affects: fedora-all [bug 2244909]