Profile Field Editing Vulnerability in Moodle Versions 2.7 through 3.0.3
CVE-2016-3729 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:P/A:N
The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to edit profile fields locked by the administrator.
Learn more about our User Device Pen Test.