Moodle is vulnerable to a bypass of access restrictions. The bypass is possible because tag/tag_autocomplete.php does not check the moodle/tag:edit capability before adding a tag, allowing any authenticated user to launch an attack through an AJAX request.