Description
In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.
Remediation
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4403)
Plone CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7293)
WordPress Plugin Import Spreadsheets from Microsoft Excel Cross-Site Scripting (10.1.3)
Oracle Database Server CVE-2006-1873 Vulnerability (CVE-2006-1873)