Описание
Moodle Improper Authentication
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.
Пакеты
Наименование
moodle/moodle
composer
Затронутые версииВерсия исправления
>= 3.3, < 3.3.5
3.3.5
Наименование
moodle/moodle
composer
Затронутые версииВерсия исправления
>= 3.4, < 3.4.2
3.4.2
Связанные уязвимости
CVSS3: 8.1
ubuntu
около 7 лет назад
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.
CVSS3: 8.1
nvd
около 7 лет назад
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.
CVSS3: 8.1
debian
около 7 лет назад
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user a ...