Description
A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.
Remediation
References
Related Vulnerabilities
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-0866)
SharePoint CVE-2022-38009 Vulnerability (CVE-2022-38009)
Java Unspesificed Vulnerability (CVE-2019-2684)
WordPress 4.0.x Same Origin Method Execution (SOME) Vulnerability (4.0 - 4.0.10)
WordPress Plugin WP User Groups Cross-Site Request Forgery (2.0.0)