← voltar
CVE-2015-3179

CVE-2015-3179

EPSS 1.5%
login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50090http://openwall.com/lists/oss-security/2015/05/18/1https://moodle.org/mod/forum/discuss.php?d=313686http://www.securityfocus.com/bid/74725http://www.securitytracker.com/id/1032358