Description
The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role.
Remediation
References
Related Vulnerabilities
Moodle Incorrect Authorization Vulnerability (CVE-2024-48897)
Drupal Core 6.x Local File Inclusion (6.0 - 6.9)
Apache Tomcat Other Vulnerability (CVE-2006-7195)
e107 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3731)
Oracle Application Server CVE-2010-0067 Vulnerability (CVE-2010-0067)