A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment.Referenceshttp://www.securityfocus.com/bid/109271https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189https://moodle.org/mod/forum/discuss.php?d=388570
