Description
lib.php in the Submission comments plugin in the Assignment module in Moodle 2.3.x before 2.3.4 and 2.4.x before 2.4.1 allows remote attackers to read or modify the submission comments (aka feedback comments) of arbitrary users via a crafted URI.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2020-7071)
WordPress Plugin MathJax-LaTeX Cross-Site Request Forgery (1.1)
Joomla! Core 3.x.x Multiple Vulnerabilities (3.7.0 - 3.8.3)
WebLogic CVE-2023-22069 Vulnerability (CVE-2023-22069)
Joomla Improper Input Validation Vulnerability (CVE-2020-11890)