EPSS
Percentile
35.6%
Moodle is vulnerable to unauthorized instantiation and denial of service (DoS). The authenticated user is allowed to instantiate any class just by changing URLs in portfolios. Guest users can also launch DoS using this flaw.
moodle.org/mod/forum/discuss.php?d=371204