Description In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions. Remediation References CVE-2021-36400 Related Vulnerabilities Oracle Application Server CVE-2008-3975 Vulnerability (CVE-2008-3975) WordPress Plugin Contentboxes Cross-Site Scripting (1.1) Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1116) ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3835) Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1826) Severity Medium Classification CVE-2021-36400 CWE-639 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Tags Missing Update Known Vulnerabilities