Description
Moodle 2.3.x before 2.3.3 allows remote authenticated users to bypass the moodle/role:manage capability requirement and read all capability data by visiting the Check Permissions page.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2018-2935 Vulnerability (CVE-2018-2935)
WordPress Plugin Flow-Flow Social Stream Unspecified Vulnerability (3.0.71)
MySQL CVE-2013-3804 Vulnerability (CVE-2013-3804)
PHP Out-of-bounds Read Vulnerability (CVE-2016-5093)
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.16.4)