CVE-2012-3388
The CVE affects Moodle 2.2.x versions prior to 2.2.4 and 2.3.x versions prior to 2.3.1. The root cause is the is_enrolled function in lib/accesslib.php not interacting correctly with the caching feature, allowing remote authenticated users to bypass an intended capability check by triggering cach...