Description
The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
Remediation
References
Related Vulnerabilities
WordPress Plugin iThemes Security (formerly Better WP Security) Unspecified Vulnerability (6.9.0)
WordPress Plugin Simple Slide Show TimThumb Arbitrary File Upload (1.0)
Drupal Data Processing Errors Vulnerability (CVE-2017-6920)
PHP Numeric Errors Vulnerability (CVE-2012-2386)
Zope Web Application Server Other Vulnerability (CVE-2002-0170)