In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course.
2022-08-16T21:15:09.447
2024-11-21T05:03:00.277
Modified
CVSSv3.1: 8.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | moodle | moodle | < 3.5.13 | Yes |
| Application | moodle | moodle | < 3.7.7 | Yes |
| Application | moodle | moodle | < 3.8.4 | Yes |
| Application | moodle | moodle | 3.9.0 | Yes |