NVD CVE-2016-8643 January 20, 2017 007admin Leave a comment In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.