Florence Thiard

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.5 through 3.5.13 Moodle versions 3.7 through 3.7.7 Moodle versions 3.8 through 3.8.4 Moodle versions 3.9 through 3.9.1 **Description** A vulnerability was found in Moodle where users with `Log in as` capability in a course context, typically course managers, may gain access to some site administration capabilities by logging in as a System manager. **Recommendations** For versions 3.5 through 3.5.13, update to version 3.5.14. For versions 3.7 through 3.7.7, update to version 3.7.8. For versions 3.8 through 3.8.4, update to version 3.8.5. For versions 3.9 through 3.9.1, update to version 3.9.2.