Description In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context. Remediation References CVE-2016-8644 Related Vulnerabilities WordPress Plugin Coditor-Code Editor Security Bypass (1.1) Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17567) SharePoint CVE-2020-17118 Vulnerability (CVE-2020-17118) Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0706) OpenSSL Other Vulnerability (CVE-2015-0208) Severity Medium Classification CVE-2016-8644 CWE-264 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities