What the vulnerability does

01Description

In Moodle, insufficient capability checks meant message deletions were not limited to the current user.

Key dates

02Disclosure timeline

March 6, 2023 CVE published
March 7, 2025 Record updated