Red Hat Bugzilla – Bug 1264823
CVE-2015-5272 moodle: Group access is not properly checked when posting to "all participants" in forum (MSA-15-0031)
Last modified: 2015-09-22 03:27:32 EDT
Group access is not properly checked when posting to "all participants" in forum which allows teacher without accessallgroups can still post to "all participants" and groups they're not members of. Affected versions are 2.7 to 2.7.9 and earlier unsupported versions.
*** This bug has been marked as a duplicate of bug 1264861 ***