EPSS
Percentile
51.8%
Moodle is vulnerable to bypassing access restrictions. The attacks can be launched because mod/forum/post.php ignores mod/forum:canposttomygroups permissions when authorizing “Post a copy to all groups” actions.
mod/forum/post.php
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50220
openwall.com/lists/oss-security/2015/07/13/2
www.securitytracker.com/id/1032877
git.moodle.org/gw?p=moodle.git;a=commit;h=eabbc98c7843904f8303d74030d1cab541d75465
moodle.org/mod/forum/discuss.php?d=316663