Description
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability.
Remediation
References
Related Vulnerabilities
Oracle HTTP Server CVE-2022-21593 Vulnerability (CVE-2022-21593)
WordPress Plugin Captchinoo, Google recaptcha for admin login page Security Bypass (2.3)
WordPress Plugin GD bbPress Attachments Cross-Site Scripting (2.5)
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.6)
WordPress Plugin Spider Calendar Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.1)