Hi, I am a student and use the moodle system frequently. last week I found a tiny flaw in the system. The flaw allowed me to upload the document of my choice onto someone else's turnitin assignment submission link. By only changing the id values in the form I could upload documents to other student's link. This could be trouble some if it was a final assignments and near the deadlines.
The Turnitin plugin is supported and maintained directly by Turnitin through your organisations contract with them (not by the Moodle community here) - there are also a number of different ways of using Turnitin with Moodle. I'd suggest you send an e-mail directly to firstname.lastname@example.org with screenshots and more detailed information on how you exploited the system to allow their engineers to respond and develop a fix.
Thank you for your reply, the email@example.com, is it the community support??. Should I also email my university about this exploit??. I am scared if they accuse me of hacking, thats why I have kept quiet so far.
Thank You for your reply though