EPSS
Percentile
34.9%
Moodle is vulnerable to access restriction bypass. Authenticated attackers can circumvent access restrictions and conduct spam attacks because moodle doesn’t correctly check the contact list before the authorization of message transmissions.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50426
moodle.org/mod/forum/discuss.php?d=323228