CVE-2016-7038
Description
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.
Risk Information
Base Score
7.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.243
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update moodle 3.1.1 to latest version | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234