2 matches found
CVE-2019-14880
CVE-2019-14880 affects Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, and 3.5 before 3.5.9. The issue lies in OAuth 2 providers that do not verify users’ email address changes during sign-up, requiring additional verification to reduce the risk of account compromise. The root cause is insuff...
Moodle CVE-2019-14880 Security Bypass Vulnerability
Description Moodle is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Versions prior to Moodle 3.5.9, 3.6.7 and 3.7.3 are vulnerable. Technologies Affected Moodle...