Description
mod/forum/rsslib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly implement the requirement for posting before reading a Q&A forum, which allows remote authenticated users to bypass intended access restrictions by leveraging the student role and reading the RSS feed for a forum.
Remediation
References
Related Vulnerabilities
phpMyAdmin Other Vulnerability (CVE-2005-3622)
WordPress Plugin All-in-One Addons for Elementor-WidgetKit Cross-Site Scripting (2.4.3)
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.2)
Oracle JRE CVE-2013-0441 Vulnerability (CVE-2013-0441)
WordPress Plugin YITH WooCommerce Waiting List Security Bypass (1.3.9)