2 matches found
CVE-2022-28986
LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references IDOR vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts...
CVE-2022-28986
The CVE-2022-28986 entry concerns LMS Doctor Simple 2 Factor Authentication Plugin for Moodle (affected: 2021072900). The vulnerability is an Insecure Direct Object Reference (IDOR) that could let an attacker remotely update sensitive records (email, password, phone number) of other user accounts...