CVE-2012-0794

The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by reading this script's...

CVE-2012-0794

The CVE-2012-0794 issue affects Moodle 1.9.x up to 1.9.15, 2.0.x up to 2.0.6, 2.1.x up to 2.1.3, and 2.2.x up to 2.2.0, where rc4encrypt in lib/moodlelib.php uses a hardcoded password (nfgjeingjk). This weak cryptographic protection can be defeated by reading the script’s source code within the d...