Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2015-0214
Reference:
CVE-2015-0214
Title:
Moodle Permissions Privileges and Access Controls Vulnerability
Overview:
message/externallib.php in Moodle through 2.5.9 2.6.x before 2.6.7 2.7.x before 2.7.4 and 2.8.x before 2.8.2 allows remote authenticated users to bypass a messaging-disabled setting via a web-services request as demonstrated by a people-search request.