Description
The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token.
Remediation
References
Related Vulnerabilities
WordPress 4.0.x Arbitrary File Deletion Vulnerability (4.0 - 4.0.23)
MySQL CVE-2020-2770 Vulnerability (CVE-2020-2770)
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.79)
Chamilo Missing Authorization Vulnerability (CVE-2019-1000017)
WordPress Plugin Simple Slideshow Manager Multiple Unspecified Vulnerabilities (2.1)