AI Score
Confidence
High
EPSS
Percentile
56.4%
login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50090
openwall.com/lists/oss-security/2015/05/18/1
www.securityfocus.com/bid/74725
www.securitytracker.com/id/1032358
moodle.org/mod/forum/discuss.php?d=313686