Description
When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
Remediation
References
Related Vulnerabilities
WordPress Plugin Analytics Tracker Cross-Site Scripting (1.1.0)
SharePoint CVE-2021-42294 Vulnerability (CVE-2021-42294)
WordPress Plugin BackWPup Multiple Unspecified Vulnerabilities (3.2.1)
Apache HTTP Server Other Vulnerability (CVE-2002-0061)
Oracle Database Server CVE-2023-22073 Vulnerability (CVE-2023-22073)