Posted on

Moodle 2.x/3.x Web Service Token weak authentication

A vulnerability, which was classified as critical, was found in Moodle 2.x/3.x (Learning Management Software). Affected is an unknown code of the component Web Service Token Handler. Upgrading eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability.