Moodle is vulnerable to privilege escalation attacks. The attacks are possible because it does not properly handle WebDav repository privileges. Therefore, any authenticated users are able to modify, read, or delete arbitrary site-wide repositories.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37852
lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
openwall.com/lists/oss-security/2013/03/25/2
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37852
moodle.org/mod/forum/discuss.php?d=225348