Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2015-2272 - Vulnerability Database
Moodle

Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2015-2272

Medium
Reference: CVE-2015-2272
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-2272
Title: Moodle Permissions Privileges and Access Controls Vulnerability
Overview:

login/token.php in Moodle through 2.5.9 2.6.x before 2.6.9 2.7.x before 2.7.6 and 2.8.x before 2.8.4 allows remote authenticated users to bypass a forced-password-change requirement by creating a web-services token.