What the vulnerability does

01Description

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions.

Key dates

02Disclosure timeline

March 6, 2023 CVE published
March 7, 2025 Record updated