Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2014-7834
Reference:
CVE-2014-7834
Title:
Moodle Permissions Privileges and Access Controls Vulnerability
Overview:
mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions which allows remote authenticated users to access a forum via the forum_get_discussions web service.