Description
The is_enrolled function in lib/accesslib.php in Moodle 2.2.x before 2.2.4 and 2.3.x before 2.3.1 does not properly interact with the caching feature, which might allow remote authenticated users to bypass an intended capability check via unspecified vectors that trigger caching of a user record.
Remediation
References
Related Vulnerabilities
MySQL CVE-2021-2193 Vulnerability (CVE-2021-2193)
MySQL CVE-2015-0441 Vulnerability (CVE-2015-0441)
WordPress Plugin Forms-Form builder and Contact form Multiple Unspecified Vulnerabilities (1.4.7)
MySQL CVE-2019-2592 Vulnerability (CVE-2019-2592)
WordPress Plugin LayerSlider Responsive WordPress Slider Multiple Vulnerabilities (6.2.0)