-
Bug
-
Resolution: Fixed
-
Blocker
-
2.9
-
MOODLE_29_STABLE
-
MOODLE_29_STABLE
-
MDL-49902-master -
When I was implementing new external functions (for 3.0) I noticed that I missed to add capability checks to that new function (and also for mod_forum_view_forum_discussion).
mod/forum/view.php and mod/forum/discuss.php checks the mod/forum:viewdiscussion capability prior to do logging and completion triggering.
I'm not marking this as a security bug since 2.9 is not yet released.