7 matches found
BIT-MOODLE-2025-67853 Moodle: moodle: brute-force facilitation due to missing rate limiting in confirmation email service
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...
Brute Force
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Brute Force via the confirmation email web service. An attacker can gain unauthorized access to sensitive information by sending repeated authentication attempts without proper rate limiting, enabli...
CVE-2025-67853
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...
UBUNTU-CVE-2025-67853
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...
CVE-2025-67853 Moodle: moodle: brute-force facilitation due to missing rate limiting in confirmation email service
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...
CVE-2025-67853
CVE-2025-67853 concerns Moodle and is supported by multiple sources in the provided documents. The vulnerability is caused by a lack of proper rate limiting in Moodle’s confirmation email service, which can enable attackers to enumerate or guess user credentials, facilitating brute-force attacks ...
CVE-2025-67853 Moodle: moodle: brute-force facilitation due to missing rate limiting in confirmation email service
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...