CVE-2020-25701

Name of the Vulnerable Software and Affected Versions Moodle versions 3.5 to 3.5.14 Moodle versions 3.7 to 3.7.8 Moodle versions 3.8 to 3.8.5 Moodle versions 3.9 to 3.9.2

Description The upload course tool in Moodle contains an issue where deleting a non-existent or disabled enrollment method would incorrectly enable it, potentially allowing unintended users to access the course.

Recommendations For Moodle versions 3.5 to 3.5.14, update to version 3.5.15 or later. For Moodle versions 3.7 to 3.7.8, update to version 3.7.9 or later. For Moodle versions 3.8 to 3.8.5, update to version 3.8.6 or later. For Moodle versions 3.9 to 3.9.2, update to version 3.9.3 or later.