Description
A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where users with the capability to create courses were assigned as a teacher in those courses, regardless of whether they had the capability to be automatically assigned that role.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy PayPal Buy Now Button Cross-Site Scripting (1.7.3)
MySQL CVE-2018-2769 Vulnerability (CVE-2018-2769)
WordPress Plugin My Category Order Cross-Site Scripting (4.3)
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.64)
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2024-53271)