CVE-2011-4287

2012-07-16T10:28:00
ID CVE-2011-4287
Type cve
Reporter cve@mitre.org
Modified 2012-07-16T10:28:00

Description

admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote attackers to obtain access by leveraging knowledge of the initial password of a new user.