CVE-2022-0985

Summary

Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability.

Affected Software

VendorProductVersion RangeStatus
n/amoodlemoodle 3.11.6, moodle 3.10.10, moodle 3.9.13affected

Weaknesses

  • CWE-287: CWE-287

ADP Enrichment

CVE Program Container

Additional References

References