Description
The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber.
Remediation
References
Related Vulnerabilities
Internet Information Services Other Vulnerability (CVE-2003-0225)
WordPress Plugin MDC YouTube Downloader Local File Inclusion (2.1.0)
WordPress Plugin NEX-Forms-The Ultimate WordPress Form Builder Security Bypass (7.8.7)
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-33338)
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-5502)