Description
Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended capability restrictions and perform certain topic changes by leveraging course-editing capabilities.
Remediation
References
Related Vulnerabilities
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-6728)
WordPress Plugin FPW Category Thumbnails Multiple Unspecified Vulnerabilities (1.6.7)
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.15)
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030)
WordPress Plugin OneClick Chat to Order Cross-Site Scripting (1.0.4.1)