Description
Multiple unspecified authentication plugins in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 store the MD5 hashes for passwords in the user table, even when the cached hashes are not used by the plugin, which might make it easier for attackers to obtain credentials via unspecified vectors.
Remediation
References
Related Vulnerabilities
Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21654)
Apache HTTP Server Interpretation Conflict Vulnerability (CVE-2022-37436)
WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Scripting (4.5.0)
WordPress Plugin Advanced post slider Unspecified Vulnerability (2.4.0)
WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-17359)