Description
In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course.
Remediation
References
Related Vulnerabilities
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.7)
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.14)
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (6.3)
WordPress Plugin Banner Cycler Cross-Site Request Forgery (1.4)
OpenVPN AS Improper Authentication Vulnerability (CVE-2020-15077)