Roman Sevostyanov

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.5 through 3.5.14 Moodle versions 3.7 through 3.7.8 Moodle versions 3.8 through 3.8.5 Moodle versions 3.9 through 3.9.2 Moodle earlier unsupported versions **Description** The issue arises from insufficient checks on users' enrollment capabilities in Moodle when they are restored into an existing course. This could lead to users being unenrolled without the perpetrator having permission to do so. **Recommendations** For versions 3.5 through 3.5.14, update to version 3.5.15 or later. For versions 3.7 through 3.7.8, update to version 3.7.9 or later. For versions 3.8 through 3.8.5, update to version 3.8.6 or later. For versions 3.9 through 3.9.2, update to version 3.9.3 or later. For earlier unsupported versions, consider upgrading to a supported version.