Description
In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.
Remediation
References
Related Vulnerabilities
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3835)
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-20408)
WordPress Plugin Smart Flv 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities (1.0)
WordPress Plugin Advanced Custom Fields:reCAPTCHA Field Security Bypass (1.1.1)
WordPress 4.5.x Possible SQL Injection Vulnerability (4.5 - 4.5.10)