EIP-2026-109584

This is a writeup describing an Insecure Direct Object Reference (IDOR) vulnerability in Moodle 4.3+. It outlines steps to exploit the vulnerability by manipulating the 'id' parameter in various URLs to access unauthorized user data.