Description
A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment was removed, the associated capabilities were not being revoked (where applicable).
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2021-35576 Vulnerability (CVE-2021-35576)
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.11)
MySQL CVE-2019-2946 Vulnerability (CVE-2019-2946)
WordPress Plugin Events Made Easy PHP Object Injection (2.0.52)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6434)