Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5272)
Description
The Forum module in Moodle 2.7.x before 2.7.10 allows remote authenticated users to post to arbitrary groups by leveraging the teacher role, as demonstrated by a post directed to "all participants."