Description
In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP REST API (WP API) Security Bypass (1.2.1)
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13760)
WordPress Plugin Simple Page Ordering Cross-Site Scripting (2.2.1)
Sqlite NULL Pointer Dereference Vulnerability (CVE-2018-8740)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-16738)