In Moodle, insufficient capability checks meant message deletions were not limited to the current user.Read More