Description
A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations.
Remediation
References
Related Vulnerabilities
WordPress 6.4.x Multiple Vulnerabilities (6.4 - 6.4.4)
Python Incorrect Type Conversion or Cast Vulnerability (CVE-2020-10735)
WordPress Plugin Brizy-Page Builder Multiple Vulnerabilities (2.3.11)
Oracle Database Server CVE-2010-0892 Vulnerability (CVE-2010-0892)
WordPress Plugin Import any XML or CSV File to WordPress Pro Arbitrary File Upload (4.1.0)