Moodle · Moodle · CVE-2026-30884
**Name of the Vulnerable Software and Affected Versions**
mdjnelson/moodle-mod_customcert versions prior to 4.4.9 and 5.0.3
**Description**
The mdjnelson/moodle-mod_customcert plugin for Moodle, used for creating dynamically generated certificates, contains a flaw where a teacher with the `mod/customcert:manage` permission in any course can read and silently overwrite certificate elements belonging to other courses within the Moodle installation. This occurs because the `core_get_fragment` callback `editelement` and the `mod_customcert_save_element` web service do not verify that the supplied `elementid` belongs to the authorized context. The result is cross-course information disclosure and data tampering through the `elementid` parameter.
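The missing ownership check described above, modelled as an added example in Python rather than taken from the plugin's code. The in-memory store, the grant table and every function name are hypothetical, and the data is constructed; the model only shows why a capability check on the caller's context is not enough when `elementid` is not tied to that context.

```python
from dataclasses import dataclass

class AccessDenied(Exception):
    """The caller may not touch this element."""

@dataclass
class Element:
    id: int
    context_id: int   # context that owns the certificate this element is part of
    data: str

def sample_store():
    # Constructed data: element 1 belongs to context 10, element 2 to context 20.
    return {1: Element(1, 10, "Course A signature"),
            2: Element(2, 20, "Course B signature")}

# Constructed grant: user 7 holds mod/customcert:manage in context 10 only.
MANAGE_GRANTS = {(7, 10)}

def require_manage(user_id, context_id):
    if (user_id, context_id) not in MANAGE_GRANTS:
        raise AccessDenied(f"user {user_id} cannot manage context {context_id}")

def save_element_unchecked(store, user_id, context_id, element_id, data):
    """Flawed shape: the capability is checked, but elementid is trusted as-is."""
    require_manage(user_id, context_id)
    store[element_id].data = data
    return store[element_id]

def owned_element(store, user_id, context_id, element_id):
    """Return the element only if it lives in the context the caller was authorized for."""
    require_manage(user_id, context_id)
    element = store.get(element_id)
    # Same error for "missing" and "foreign" so the reply does not reveal which ids exist.
    if element is None or element.context_id != context_id:
        raise AccessDenied(f"element {element_id} is not in context {context_id}")
    return element

def save_element_checked(store, user_id, context_id, element_id, data):
    """Corrected shape: resolve ownership before writing."""
    element = owned_element(store, user_id, context_id, element_id)
    element.data = data
    return element

if __name__ == "__main__":
    store = sample_store()
    save_element_unchecked(store, 7, 10, 2, "overwritten")  # write crosses into context 20
    print(store[2].data)
    try:
        save_element_checked(sample_store(), 7, 10, 2, "overwritten")
    except AccessDenied as exc:
        print("rejected:", exc)
```

The same `owned_element` lookup serves both the read path and the write path, so neither can be reached with an element from another context.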
**Recommendations**
Versions prior to 4.4.9 should be updated to version 4.4.9 or later.
Versions prior to 5.0.3 should be updated to version 5.0.3 or later.