[MEDIUM] Moodle Unauthenticated users can trigger custom messages to admin via paypal enrol script

PKSA-3qg3-rv6s-zdvx CVE-2018-1081 GHSA-v9xq-vh72-chr4

Affected package: moodle/moodle

Affected version: >=3.4,<3.4.2|>=3.3,<3.3.5|>=3.2,<3.2.8|>=3.1,<3.1.11

Reported by:
GitHub