Description
The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass intended capability requirements and save questions via a save_question action.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2010-3709)
WordPress Plugin CMP-Coming Soon & Maintenance by NiteoThemes Security Bypass (3.8.1)
Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-32976)
WordPress Plugin GraceMedia Media Player Local File Inclusion (1.0)
Grafana Insufficiently Protected Credentials Vulnerability (CVE-2022-31130)