Description
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass question:use* capability requirements and add arbitrary questions to a quiz via the questions feature.
Remediation
References
Related Vulnerabilities
WordPress Plugin Dynamic Widgets Multiple Unspecified Vulnerabilities (1.5.7)
WordPress Plugin Fusion:Extension-Gallery Multiple Unspecified Vulnerabilities (1.0.4)
WordPress Plugin Category and Page Icons Multiple Vulnerabilities (0.9.1)
Joomla Other Vulnerability (CVE-2006-7009)
WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.3.8)