Description
mod/lti/ajax.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 does not consider the moodle/course:manageactivities and mod/lti:addinstance capabilities before proceeding with registered-tool list searches, which allows remote authenticated users to obtain sensitive information via requests to the LTI Ajax service.