Moodle · Moodle · CVE-2020-25701
**Name of the Vulnerable Software and Affected Versions**
Moodle versions 3.5 to 3.5.14
Moodle versions 3.7 to 3.7.8
Moodle versions 3.8 to 3.8.5
Moodle versions 3.9 to 3.9.2
**Description**
The upload course tool in Moodle contains an issue where deleting a non-existent or disabled enrollment method would incorrectly enable it, potentially allowing unintended users to access the course.
**Recommendations**
For Moodle versions 3.5 to 3.5.14, update to version 3.5.15 or later.
For Moodle versions 3.7 to 3.7.8, update to version 3.7.9 or later.
For Moodle versions 3.8 to 3.8.5, update to version 3.8.6 or later.
For Moodle versions 3.9 to 3.9.2, update to version 3.9.3 or later.