Description
mod/assign/externallib.php in Moodle 2.6.x before 2.6.2 does not properly handle assignment web-service parameters, which might allow remote authenticated users to modify grade metadata via unspecified vectors.
Remediation
References
Related Vulnerabilities
PHP-Fusion Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-3172)
Open Resty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
Drupal CVE-2020-13665 Vulnerability (CVE-2020-13665)
PostgreSQL Other Vulnerability (CVE-2005-1410)
WordPress Plugin Bird Feeder Multiple Vulnerabilities (1.2.3)