Description
lib/formslib.php in Moodle 2.2.x before 2.2.6 and 2.3.x before 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field.
Remediation
References
Related Vulnerabilities
WordPress Plugin EmbedSocial-Social Media Feeds, Reviews and Galleries Cross-Site Scripting (1.1.27)
Oracle Database Server CVE-2019-2939 Vulnerability (CVE-2019-2939)
WordPress Plugin DM Albums Multiple File Deletion Vulnerabilities (2.1)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-0218)
WordPress Plugin Zedna Contact form Arbitrary File Upload (1.0)