CVE-2019-3849
CVE-2019-3849 affects Moodle prior to 3.6.3, 3.5.5 and 3.4.8. The issue allows users to escalate their role within courses or content accessed via LTI by tampering requests to the LTI publisher site. Impact described as privilege escalation (high/partial in some metrics depending on vector); expl...