Description
mod/assign/externallib.php in Moodle 2.6.x before 2.6.2 does not properly handle assignment web-service parameters, which might allow remote authenticated users to modify grade metadata via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Post Lists View Custom Cross-Site Scripting (1.7.1)
WordPress Plugin WP Admin UI Customize Cross-Site Scripting (1.5.2.6)
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2004-0488)
EspoCRM Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-46736)
WordPress Plugin CevherShare 'cevhershare-admin.php' SQL Injection (2.0)