Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle 7PK - Security Features Vulnerability - CVE-2015-5267 - Vulnerability Database
Moodle

Moodle 7PK - Security Features Vulnerability - CVE-2015-5267

High
Reference: CVE-2015-5267
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-5267
Title: Moodle 7PK - Security Features Vulnerability
Overview:

lib/moodlelib.php in Moodle through 2.6.11 2.7.x before 2.7.10 2.8.x before 2.8.8 and 2.9.x before 2.9.2 relies on the PHP mt_rand function to implement the random_string and complex_random_string functions which makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.