Lucene search

K
cvelistRedhatCVELIST:CVE-2021-20282
HistoryMar 15, 2021 - 9:35 p.m.

CVE-2021-20282

2021-03-1521:35:56
CWE-863
redhat
www.cve.org
3
cve-2021-20282
account verification bypass
moodle

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

52.3%

When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.

CNA Affected

[
  {
    "product": "moodle",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Fixed in 3.10.2, 3.9.5, 3.8.8, 3.5.17"
      }
    ]
  }
]

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

52.3%