Description
mod/wiki/admin.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to remove wiki pages by leveraging delete access within a different subwiki.
Remediation
References
Related Vulnerabilities
WordPress Plugin Login with phone number Cross-Site Scripting (1.4.1)
Internet Information Services Improper Authentication Vulnerability (CVE-2009-1535)
PHP Other Vulnerability (CVE-2000-0860)
MySQL CVE-2023-22064 Vulnerability (CVE-2023-22064)
Jenkins Use of Insufficiently Random Values Vulnerability (CVE-2020-2099)