Description
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2017-10349 Vulnerability (CVE-2017-10349)
Jboss EAP Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2015-3416)
Oracle HTTP Server CVE-2016-3482 Vulnerability (CVE-2016-3482)
WordPress Plugin RocketTheme RokBox Multiple Vulnerabilities (2.13)