Description
A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment was removed, the associated capabilities were not being revoked (where applicable).
Remediation
References
Related Vulnerabilities
Apache 2.x version older than 2.2.6
Joomla Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3227)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-8022)
Drupal Core 9.0.x Arbitrary File Overwrite (9.0.0 - 9.0.10)
WordPress Plugin Essential Grid Portfolio-Photo Gallery Security Bypass (1.1.2)