CVE-2015-5272

2016-02-22T00:59:10
ID CVE-2015-5272
Type cve
Reporter NVD
Modified 2017-09-16T21:29:04

Description

The Forum module in Moodle 2.7.x before 2.7.10 allows remote authenticated users to post to arbitrary groups by leveraging the teacher role, as demonstrated by a post directed to "all participants."