Description
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability.
Remediation
References
Related Vulnerabilities
WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9)
Oracle Application Server CVE-2010-0070 Vulnerability (CVE-2010-0070)
WordPress Plugin Doctor Appointment Booking Multiple Vulnerabilities (1.0.0)
WordPress Plugin Master Popups Remote Code Execution (1.0.0)
WordPress Plugin Click to Copy Grab Box Multiple Cross-Site Scripting Vulnerabilities (0.1.1)