Description
Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.
Remediation
References
Related Vulnerabilities
WordPress Plugin PDF & Print Button Joliprint Multiple Cross-Site Scripting Vulnerabilities (1.3.0)
PHP Improper Input Validation Vulnerability (CVE-2016-4538)
WordPress Plugin SupportEzzy Ticket System Cross-Site Scripting (1.2.5)
Atlassian Jira CVE-2020-14167 Vulnerability (CVE-2020-14167)
Sqlite NULL Pointer Dereference Vulnerability (CVE-2018-8740)