CVE-2022-0985

Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt