Moodle · Moodle · CVE-2010-1616
**Name of the Vulnerable Software and Affected Versions**
Moodle versions 1.8.x through 1.9.7
**Description**
The issue allows teachers to create new accounts even if they do not have the `moodle/user:create` capability, by creating new roles when restoring a course.
**Recommendations**
For Moodle versions 1.8.x through 1.9.7, update to version 1.9.8 or later to resolve the issue.