CVE-2016-7038
CVE-2016-7038 affects Moodle 2.x/3.x where web service tokens are not invalidated when a user password is changed or forced to be changed. The connected documents confirm the vulnerability appears in Moodle web service token handling; no explicit remediation details are provided in the sources. E...