Moodle is vulnerable to privilege escalation. Users (students) are able to add entries within groups they do not belong to.
bugzilla.redhat.com/show_bug.cgi?id=1895427
github.com/advisories/GHSA-7h8v-2v8x-h264
lists.fedoraproject.org/archives/list/[email protected]/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU/
lists.fedoraproject.org/archives/list/[email protected]/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6/
moodle.org/mod/forum/discuss.php?d=413938