Описание
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| moodle | fixed | 2.7.16+dfsg-1 | package |
EPSS
Процентиль: 47%
0.00243
Низкий
Связанные уязвимости
CVSS3: 7.3
ubuntu
больше 8 лет назад
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.
CVSS3: 7.3
nvd
больше 8 лет назад
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.
CVSS3: 7.3
github
около 3 лет назад
Moodle Weak Password Recovery Mechanism for Forgotten Password
EPSS
Процентиль: 47%
0.00243
Низкий