CVE-2017-7489by Jeremyin Security Bulletinson Posted on May 15, 2017 In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.