Description In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions. Remediation References CVE-2021-36400 Related Vulnerabilities Apache Tomcat Improperly Implemented Security Check for Standard Vulnerability (CVE-2017-15706) Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31043) WordPress Plugin Simple History Information Disclosure (2.7.4) Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.4) MySQL CVE-2017-3320 Vulnerability (CVE-2017-3320) Severity Medium Classification CVE-2021-36400 CWE-639 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Tags Missing Update Known Vulnerabilities